Can you add an empty
/wp-content/uploads/directories on installation, please?
This then prevents scanners from listing the contents of these directories.
I can't think of any downsides to this, either for initial setups, or in addition to existing setups.
@marcusquinn Oh, file indexing should not be possible by default.
That would be an oversight and not intended.
I just installed a fresh wp-dev and there is an
uploadsis missing an
But also the
uploadsfolder is giving me a 403 forbidden.
can you check if your wp-dev is fresh or historical?