If you’ve ever tried to setup a sales funnel or membership site using WordPress then you’ll know that anyone can use the search functionality in WordPress to expose all your additional pages, content and even unprotected membership content.
There is however a few ways you can quickly remove the search feature from your WordPress blog.
You can download, install and activate this plugin by searching through the plugin store on your WordPress blog. I’ve only tested this on the latest version of WordPress so backup your store before installing.
Once installed you can simply visit yourdomain.com/?s= and you’ll get greeted with ‘Nothing Found’ Now try searching for some content, again you’ll get the same result.
While Disable Search is great, it definitely doesn’t solve all your problems, for example if you have a category such as downloads and then many pages after that you’ll still be exposed to directory crawlers and people who know how to expose your directory files.
The simplest solution here (if you’re using Linux hosting) is to head over to your .htaccess file and add one line of code to stop directory exploring. This means you need the full file path to access a specific page.
You’ll find .htaccess in public_html folder if you’re using Cpanel. If you can’t see it make sure you ‘show hidden files’ which is an option under settings.
Add the following: Options -Indexes
Save and reload your website. Try going to www.yourdomain.com/wp-content/uploads and you’ll see you can no longer access this. If you know the file name and append to the end, you’ll see you can load the file just fine.
And there you have it, how to disable search feature with WordPress and prevent directory browsing using basic htaccess code modification.