Is there a plugin available or any other way to hide the uploads folder/directory so that if a user were to go to it it'd return a Not Found or Forbidden message?
Is there a way to hide the uploads folder from public/ (6 posts)
-
hellocatfood
Posted 11 months ago # -
Drop a htaccess file in the wp-contents folder.
Order Allow,Deny Deny from all <Files ~ "\.(css|jpe?g|png|xsl|gif|ico|js)$"> Allow from all </Files>This will return a 404 for wp-contents and all subdirectories beneath it such wp-content/uploads, /themes, /plugins
-
Posted 11 months ago #Cheers :-)
-
Actually an ever better way is place the following in a htaccess file,
Options -IndexesThat will turn off indexing for whatever folder it resides in as well as any subfolders beneath it. For example, if you place it in
wp-contentsit will protect not onlywp-contentsbutwp-contents/themes,wp-contents/pluginsandwp-contents/uploadsas well.If you place it at root it will work for all foldes/subfolders sitewide.
-
tretsim
Posted 11 months ago #.htaccess will work or just place an index.html/index.php in the directories with whatever message you want. The first method is best but the second is easiest.
-
A word of caution: if you use an index file make sure you don't use a PHP index file in the plugin directory. It may bork the dashboard.
Reply
You must log in to post.
