Support » Fixing WordPress » .htaccess and chmod 777

  • Resolved rudolfnu

    (@rudolfnu)


    I use a plugin Image Manager where you need to set the upload/images to chmod 777, to get it to work!

    I don’t like that, I’ve searched around for a solution to make it a bit safer. What I want is to use a .htaccess file in images folder, and to utilize that only jpg,jpeg,gif and png could be used or disable php,sgi,perl in that folder. The person who wrote the plugin states that you can make that with following lines in a htaccess file

    <Files ^(*.jpeg|*.jpg|*.png|*.gif)>
    order deny allow
    deny from all
    </Files>

    I tried that but that don’t work at all, could anyone give me the magic lines that either allow only images or disallow scriptfiles.

Viewing 15 replies - 1 through 15 (of 18 total)
  • disallow script files from what? Thats what’s missing from your question?

    from being uploaded?
    from being parsed (executed)?
    from being read?

    what?

    Thread Starter rudolfnu

    (@rudolfnu)

    ooh sorry,

    I want to make it safer, so not anyone can hack my site or run scriptfiles in that folder

    from being parsed (executed)?

    so you dont want script files to be executable inside that directory?

    Thread Starter rudolfnu

    (@rudolfnu)

    yep

    gimme a min or 2

    Thread Starter rudolfnu

    (@rudolfnu)

    perfect, Im impressed how fast you replied! 🙂

    oke.. well for starters, since the dir is 777. you want to do this:

    AddType text/plain .pl
    AddType text/plain .cgi
    AddType text/plain .php

    its been a while since Ive done that, Ill prolly need to test it, or you can

    Thread Starter rudolfnu

    (@rudolfnu)

    In htaccess?

    AddType text/plain .pl
    AddType text/plain .cgi
    AddType text/plain .php

    do you need something else? I can try it

    i already did, it works fine. and no, you dont need anything else.

    dont leave your .htaccess chmod to anything higher than 644. and even then, you ought to put this inside it:
    <Files ~ "^.ht">
    Order allow,deny
    Deny from all
    Satisfy All
    </Files>

    Thread Starter rudolfnu

    (@rudolfnu)

    perfect, Thank you for the help!
    I asume that this disables script´s in that folder?

    it makes files with those extensions be displayed as text within a browser.

    Thread Starter rudolfnu

    (@rudolfnu)

    Oh the first lines then?

    AddType text/plain .pl
    AddType text/plain .cgi
    AddType text/plain .php

    Im no htacces expert 😉

    what are you asking me?

    What you just pasted causes files with the extension .pl, .php, or .cgi be displayed as text.

    The other thing I pasted restricts your .htaccess from being opened in a browser.

    Thread Starter rudolfnu

    (@rudolfnu)

    this goes in to my htacces file in the folder
    <Files ~ “^.ht”>
    Order allow,deny
    Deny from all
    Satisfy All
    </Files>

    chmodded 777

    but the other lines that you wrote?
    AddType text/plain .pl
    AddType text/plain .cgi
    AddType text/plain .php

    Thread Starter rudolfnu

    (@rudolfnu)

    Ohh I see, two solutions for different problems, I understand!

    thank you so much for you help!!!!!

Viewing 15 replies - 1 through 15 (of 18 total)
  • The topic ‘.htaccess and chmod 777’ is closed to new replies.