Check protected folders and paths

This tool checks direct access to sensitive folders and paths and shows whether they are blocked, hidden or still reachable.

Sensitive path checks: Test common folders like /plugins, /admin, /vendor and /.env.
Human or bot mode: Compare a normal browser request with a bot-like user agent.
Shield detection: Redirects and soft 404 responses can be recognized as protected shields.
Page Description
This test lets you quickly check how well your website protects important areas. Many automated attacks first try to access common folders and files. This includes areas like admin, plugins, configuration, and other internal locations. If everything is protected properly, these requests should not reveal any content.

The test shows you clearly how your website responds to each path.

“Blocked or restricted” means: access is reliably prevented.
“Allowed/unclear” means: the response is not conclusive or appears open.
“Exploit blocked” means: a protection rule reacted and stopped the access.

Important: this test is harmless and does not change anything on your website. It helps you spot weaknesses early and improve protection step by step.
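
One way the status labels and the shield detection described above could be derived from raw responses, shown as an added example that is not this tool's own code. The status-code mapping, the 0.9 similarity threshold, the baseline probe and all sample responses are assumptions constructed for illustration; “Exploit blocked” is left out because the page does not say how a protection rule is recognized.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

# Assumption: status codes counted as "blocked or restricted".
BLOCKED = {401, 403, 404, 410}
REDIRECTS = {301, 302, 303, 307, 308}

def classify(resp, baseline, threshold=0.9):
    """Classify one response. baseline is the site's answer to a random,
    nonexistent path and is used to spot soft 404 pages."""
    status = resp["status"]
    if status in BLOCKED:
        return "blocked or restricted"
    if status in REDIRECTS:
        target = urlsplit(resp.get("location") or "").path
        # A redirect that only appends "/" is URL normalization, not a shield:
        # the verdict depends on what the slash-terminated URL returns.
        if target == resp["path"] + "/":
            return "allowed/unclear"
        return "shield (redirect)"
    if status == 200 and baseline["status"] == 200:
        # Soft 404: HTTP 200, but the body is the same "not found" page
        # the site serves for a path that cannot exist.
        ratio = SequenceMatcher(None, resp["body"], baseline["body"]).ratio()
        if ratio >= threshold:
            return "shield (soft 404)"
    return "allowed/unclear"

def not_found(path):
    # Constructed soft-404 page that echoes the requested path.
    return (f"<html><h1>Page not found</h1><p>Sorry, nothing at {path} here.</p>"
            "<p>Back to the home page.</p></html>")

# Constructed sample data, not captured from any real site.
BASELINE = {"path": "/zz-7f3a9c", "status": 200, "body": not_found("/zz-7f3a9c")}
SAMPLES = [
    {"path": "/.env", "status": 403},
    {"path": "/admin", "status": 302, "location": "/"},
    {"path": "/plugins", "status": 301, "location": "https://example.com/plugins/"},
    {"path": "/vendor", "status": 200, "body": not_found("/vendor")},
    {"path": "/plugins/", "status": 200,
     "body": "<html><title>Index of /plugins/</title><a href='a/'>a/</a></html>"},
]

def run():
    return {r["path"]: classify(r, BASELINE) for r in SAMPLES}

if __name__ == "__main__":
    for path, verdict in run().items():
        print(f"{path:12} {verdict}")
```

The open directory listing at /plugins/ is the case to fix first: it returns real content with HTTP 200 and does not resemble the baseline page.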

Start a test

Enter a domain or URL, choose the request mode and run the folder access check.

You can also enter a URL that includes a subfolder.

Leave empty to use the default list.

Used User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 BYB-FolderTest/1.0