© 2013 by Ross M. Gile, all rights reserved President, DigiCal
Do you realize there are many files in the standard WordPress installation that are added to your web site for your (WP Admin) benefit only? Those files are there to give you instructions on how to run a particular plug-in, etc. They are not there for the world. I’m talking about those annoying (but important) readme.html files. Those files come in handy sometimes but they do need to be removed or hidden so the hackers don’t get “intel” such as vulnerable versions of your various plug-ins. I always try to manually remove them but I know I don’t get them all.