Is it good to install wordpress in a subdirectory (with a random name), but set “Homepage” address to domain root? (based on Giving WordPress Its Own Directory)
Since the wp-content
is in the subdirectory and every link to photos and other files (including plugins css and js) in homepage, includes the full path of content folder.
2 Answers
Just to add to the answer by @birgire, check this post on how to hide the fact that you are using WordPress.
I also think that no post basically covers this, but it really help nothing following and applying everything to hide the fact you are using WordPress and to secure WordPress, and your code in itself is a security risk.
Hackers are stubborn and always have a point to prove themselves that they can hack a site that they have set their mind on. The measures named in the linked post is just there to make it difficult for hackers, not to secure your site. Once hackers have the source code to your site, they can use bad, insecure code against you. For that reason, it is always very important to keep your site up to date and use only the latest code as set out in the docs, and regularly check for any code or practice that might create a loophole which hackers can exploit.