Media file links — sometimes /blogs.dir/xxx/files, sometimes /files/ | WordPress.org

tommcgee
(@tommcgee)

9 years, 9 months ago

We’re finding that on some pages in some of our blogs, the link URLs to PDF files are coming across in the form of:

http://oursite.com/blogname/files/2012/02/filename.doc

and other times in the form of:

http://oursite.com/blogname/wp-content/blogs.dir/666/files/2012/02/filename.doc

The latter is wrong, of course, but also presents a problem; some of these blogs are meant to be confidential, and the blogs.dir form allows those URLs to be reached directly through an HTTP request and bleed out into Google, so that they are findable by people without proper access.

The two versions of the links can be found in the very same page sometimes.

How and why would these URL formats be revealed to a blog user in the first place? And what’s to be done?

My working theory right now is to use a RegEx program to find all instances of the blogs.dir-style URLs and change them to the right format, then lock down the blogs.dir directory with an .htaccess file to prevent people from accessing them directly.

A couple of mysteries. One, why does this formatting happen in the first place;

Viewing 2 replies - 1 through 2 (of 2 total)

Moderator Ipstenu (Mika Epstein)
(@ipstenu)

🏳️‍🌈 Advisor and Activist

9 years, 9 months ago

Both are correct honestly.

Is this only happening on PDFs and Docs?

Thread Starter tommcgee
(@tommcgee)

9 years, 9 months ago

I found several .ppt and .xls files.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Media file links — sometimes /blogs.dir/xxx/files, sometimes /files/’ is closed to new replies.

In: Networking WordPress
2 replies
2 participants
Last reply from: tommcgee
Last activity: 9 years, 9 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics