How to Upload a Folder to Your Wordpress Site

Are you curious about where the content of your website is stored? Or accept you heard of wp-content on your WordPress site and want to acquire more nearly it?

A WordPress website is made up of many files and folders. wp-content is one of the fundamental folders as it contains your website'south content, and the themes and plugins installed on your site. If this folder is accidentally deleted, your website will crash.

At MalCare, nosotros've seen many cases where WordPress websites crashed considering a hacker has meddled with the wp-content. Since many website owners never visit the backend of WordPress and check the wp-content, it makes it an platonic spot for hackers to inject malware. They also hide backdoors that give them a secret entry point into your site.

Learning near what hackers tin can exercise the wp-content repository tin can be alarming. But don't worry!

In this guide, we've simplified everything yous need to know about the wp-content. You'll find out what the folder does and how to use it. Next, you'll learn how to hide it or prevent it from beingness accessed past unauthorized users.

TL;DR: The wp-content  is an integral part of your WordPress site. To ensure it is protected, we recommend installing a WordPress Security Plugin (MalCare). The plugin will scan and protect your WordPress files and folders from hackers. It will too automatically take backups of your site regularly and shop them safely.

What Is The WP-content Binder?

As nosotros mentioned in the introduction, a WordPress website is made of many files and directories. It is created by default at the time of building your website and is one of the almost crucial folders of your website.

Every image that you upload, every theme and plugin that yous install on your website is stored in this binder (more details in the side by side section). In other words, any files that don't get stored in the database are stored here. If the folder gets deleted, your website volition crash and you will need to rebuild information technology from scratch.

By and large, website owners don't utilize this binder. But certain occasions may arise when you need to access it.

For example, we accept installed a plugin on our WordPress website. Merely the plugin caused the site to malfunction every bit information technology was not compatible with the version of WordPress we were running. We couldn't disable information technology on the WordPress dashboard. So we had to become to the wp-content folder to delete the plugin in gild to access our site.

Recommend read: Beginner's Guide to Understanding WordPress File Structure & Database

How To Access The WP-Content Folder

To admission the wp-content binder, y'all need to access the WordPress root directory. Here's what to do:

1. Log into your web hosting business relationship (e.g. WP Engine).

2. Access cPanel and open File Manager.

3. Here, you volition run into a folder named 'public_html'. This binder resides on your web server and is fabricated upwardly of WordPress files and sub-folders that all contribute to the functioning and appearance of your website.

4. Inside the public_html folder, you volition find 3 main sub-folders:

1. wp-admin – Contains administrative files related to who can access your WordPress panel and what permissions they are granted.
2. wp-includes – Contains files related to rules, hierarchies, and settings of your WordPress site.
3. wp-content – Contains your website's themes and plugins files and media uploads (in wp content / uploads).

Today nosotros volition focus on the wp-content folder and learn more about its role on your website. The wp-content folder has many more than sub-folders and files which we'll discuss in the next section.

What Does The Wp-content Incorporate?

The wp-content folder on a standard WordPress site has iii more subfolders – plugins, themes, and uploads.

Still, as WordPress sites expand and add more plugins and themes, more folders may exist created. To simplify this, we've broken down the directory structure of this department into four parts:

1. Plugins Folder
2. Themes Folder
3. Uploads Folder
4. Other Common Folders In Wp-content
   • mu-plugins
   • Languages
   • Upgrade
   • Specific Plugins

1. Plugins Folder

On your WordPress website, you accept the ability to install plugins. All the plugins you install on your WordPress site (both active and inactive) are stored in this folder. If you open any of the folders, you'd find rules and configuration files of the plugins installed. Tampering with this folder could crusade the plugins to misbehave.

Knowing how to access this folder can come in handy if you are unable to install a plugin on your dashboard (admin panel). You can copy the plugin's zero file and paste it into this binder. Next, you have to extract the cipher file to activate the plugin on your site.

Similarly, you can use the folder to delete or disable a plugin. Sometimes, a plugin might exist causing a compatibility issue which causes the website to malfunction. If you are unable to disable the plugin from the dashboard, yous can admission this folder and disable it manually.

We do not recommend using this manual method as making changes directly to this WordPress binder is very risky. A slight misstep can render your site broken. Use this method only when you have no other choice.

2. Themes Binder

Similar to the plugins folder, this one houses all the themes on your site. You can use it the same way you would use the plugins binder.

When you lot install a theme on your WordPress dashboard, it would appear in this folder.

For example, we installed the Astra theme on our site:

Next, nosotros checked the themes folder and a sub-folder named 'astra' was automatically created:

Yous tin also re-create themes into this folder to make information technology available on your dashboard. In the same way, you tin can also delete themes here.

3. Uploads Folder

As the proper name suggests, everything that is uploaded to your site is stored in this folder. This includes images, videos, and any other files such equally PDF documents, MS Discussion docs, and GIFs.

By default, these media files are stored in subfolders co-ordinate to the year and month they were added to the site. You lot tin can recollect of it equally a media library.

This is the default setup of a wp-content folder of a WordPress site. However, equally WordPress sites expand and develop, you can oftentimes find boosted folders hither. Nosotros have briefly entailed them beneath:

iv. Other Common Folders Inside Wp-content

At that place are four additional folders that are often created in the wp-content folder.

a) mu-plugins

mu-plugins are must-employ plugins. These plugins are critical to the performance of your WordPress site and are accounted as must employ. For instance, a plugin may come up bundled with a theme. If you disable the plugin, it could break the theme and therefore, break your website. So developers tag them as mu-plugins so that y'all don't disable them unintentionally. If such plugins exist on your site, they are stored in this folder.

b) Languages

WordPress tin be used to create websites in many different languages. If you lot choose to use whatsoever language other than English or multiple languages, WordPress will save the language files in this binder.

c) Upgrade

This is a temporary binder created by WordPress when you update your site to a new version.

d) Specific Plugins

Sometimes plugins create their ain directories on your website. This means they create their ain folders within the wp-content binder. For example, the WP Super Cache plugin creates its own folder called 'enshroud.'

You can run into that the wp-content repository contains vital data on your website. Therefore, it should ever be protected.

In the next department, we discuss the measures yous can take to safeguard this folder from existence tampered with or deleted by anyone.

How To Protect WP-content Or The Uploads Folder?

At that place are iii measures you need to have to protect your wp-content and uploads folder:

1. Take a fill-in of these folders
2. Change the name of your wp-content folder
3. Block the folder from showing on your website'southward index

1. Fill-in Your WP-Content Repository

A backup is a copy of your website that can be used to restore your site to normal if annihilation were to go wrong with it similar if you lot accidentally delete any file or hackers tamper with the binder.

You lot can accept a backup using the BlogVault fill-in plugin. It's easy to install and it will automatically take a complete backup of your WordPress site in under a few minutes. We recommend BlogVault because information technology'south guaranteed to work when you restore information technology.

Yous can too use the plugin to selectively restore your wp-content.

2. Alter The Name Of Your Wp-content

As we know, by default, the folder that stores your content, themes, and plugins are named wp-content. This name is common across all WordPress sites which makes information technology easy for anyone to identify and locate the folder. This means if hackers discover a way to break into your site they will be able to find this folder easily because they know information technology is named 'wp-content'. Yous can protect this folder by changing its name.

There are two ways to do this – using a plugin or manually.

A. Using a Plugin (Safe)

Nosotros recommend doing this by using a plugin called WP Hibernate & Security Enhancer. It provides yous with a simple manner of hiding not just your wp-content, but other important WordPress files also.

This plugin is great considering information technology explains the procedure every step of the manner. Information technology'south easy for both beginners and pros to use. In addition to wp-content, you can besides implement other protective measures on your site such as protecting your comments, authors, uploads, and more than!

B. Manually (Non Recommended)

To rename your wp-content file manually, yous demand to admission the binder on your web server and make changes to it. We strongly do not recommend using this method as the slightest mistake could pause your site.

Step i: Access your web hosting business relationship. Become to cPanel, and access your website's File Manager.

Step 2: Navigate to the wp-content folder, correct-click on it, and select 'Rename'.

Step 3: Rename the folder to whatever other name. Ensure information technology is unique and not a name that is already in employ on your site.

3. Hide The WP-Contents Binder

In that location are times hackers asking for your wp-content repository using malicious code with a URL in it. This binder's URL path is usually yourdomain.com/wp-content or yourdomain.com/public_html/wp-content.

This URL path isn't used in the address bar of your browser. Rather, it is used in the coding of your site. Hackers write malicious code to fetch the information of this folder or to inject their own malicious code.

You tin can block outsiders from accessing this URL path. Only users who are logged into your mutual WordPress dashboard will have access to it. To exercise this, y'all can use the aforementioned plugin we mentioned to a higher place or you can practise it manually.

A. Using a Plugin (Safety)

Using WP Hide & Security Enhancer, y'all can block the wp-content URL path with 2 clicks.

But navigate to the option 'Block wp-content URL' and select yes. One time you save changes, the plugin will block your wp-content URL path.

B. Manually (Not Recommended)

This method requires adding code into a file called the .htaccess file. Modifying your WordPress files manually is very risky. A small mistake can cause your site to malfunction or even crash. That said if yous nevertheless desire to become ahead and give information technology a endeavor, hither are the steps:

Step one: Access your web hosting account. Go to cPanel, and admission your website's File Manager.

Step ii: Navigate to the wp-content binder and create a new file and name it .htacess file.

Footstep 3: Right-click this file and choose 'Edit'. Paste the post-obit code and save changes.

Order Let, Deny

Deny from all

Allow from all

In case you cannot run into your .htaccess file later on creating it, go to Settings and select 'Testify Subconscious Files' .

Stride 4: Your wp-contents folder will be hidden. If you try to admission your file using https://www.yourdomain.com/wp-contents, you should see an fault message:

With that, nosotros come to an terminate on discussing the wp-content and uploads binder on your WordPress site. We are confident that you will now be fully aware of what this folder does, where to discover it, and how to protect it now.

Final Thoughts

The wp-content folder is an integral function of your WordPress site. This makes it then of import to take WordPress security measures to ensure it is protected and backed up.

Apart from the wp-content, there are other integral files and folders that need to be safeguarded. We recommend protecting not merely one or ii elements on your site, but your entire site.

To do this, we recommend installing the MalCare Security Plugin. It will scan your site regularly for malware and alert you lot if there's anything suspicious on your site. You lot tin also accept a complete backup of your site regularly and store it in a condom offsite location.

Protect Your WordPress Site With MalCare !

Melinda is a WordPress enthusiast, and enjoys sharing their experience with boyfriend enthusiasts. On the MalCare blog, Melinda distils the wisdom gained from building plugins to solve security issues that admins confront.

powersesturne.blogspot.com

Source: https://www.malcare.com/blog/wp-content-uploads/

Share this post