Support » Plugin: WooCommerce » Files uploaded to woocommerce_uploads folder are publicly accessible

Viewing 10 replies - 1 through 10 (of 10 total)
  • Thread Starter mungovan

    (@mungovan)

    Yep, I resolved this problem using:
    https://docs.bitnami.com/oci/apps/wordpress/administration/use-htaccess/

    With bitnami/apache the htaccess config is all saved in one place in this file.

    Thread Starter mungovan

    (@mungovan)

    I created this post but would like to remove the url for my site at the very bottom for security reasons but I no longer have access to edit the post, could someone help?

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    I created this post but would like to remove the url for my site at the very bottom for security reasons but I no longer have access to edit the post, could someone help?

    That’s not a security issue and isn’t a valid reason to edit a post.

    https://wordpress.org/support/forum-user-guide/faq/#my-post-shows-up-on-a-search-for-my-domain-will-you-delete-my-post-or-my-link

    Search engine hits are never considered extreme. The post will not be edited or deleted.

    That said, cheer up. That “The page I need help with:” field will never show up in any search engine hits. You have to be logged into the forums to see that link.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Plugin Review Team Rep

    Just FYI that URL at the BOTTOM of your post? Only logged in users can see it. So not even a search engine will get it 😀

    @ipstenu @jdembowski – I am just curious, OP never mentioned search engines, so I am not sure why you said that’s not a valid reason to have it removed? What about privacy, is that a valid reason? The domain in question is using private an anonymous registration, this post ties him to the domain though. It could also be an issue of not wanting employers to know you are asking questions or exposing their domain on a public forum. Note, I am not involved here and have no idea what OP’s reason was for asking, I am just curious why what appears to be a privacy request would be refused.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Plugin Review Team Rep

    @mvandemar Please don’t sign your posts.

    We don’t delete links because it’s an ineffective use of time and resources, and it’s reasonable to expect people to understand that posting links on a public forum means the links will be public.

    Generally ‘privacy’ concerns actually translate into “But GOOGLE can find my link!” and not “Someone’s STALKING me!” We’ve been doing this for a while 🙂

    You should review the FAQ:

    * https://wordpress.org/support/forum-user-guide/faq/#should-i-link-to-my-site
    * https://wordpress.org/support/forum-user-guide/faq/#my-post-shows-up-on-a-search-for-my-domain-will-you-delete-my-post-or-my-link

    @ipstenu Signing my posts is a deep habit, I had no idea that was a violation of the rules. I’ll try to refrain.

    Regarding the others, is there a WordPress Forums Meta forum, for discussions about the forum? Thanks.

    Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    Can you sign up for a WordPress Slack account? These instructions will help you do that.

    https://make.wordpress.org/chat/

    Once you have that account setup you can join the #forums channel where the moderators are and you can ask questions about the forum.

    (clicks imaginary Like button on @jdembowski’s post)

    Thread Starter mungovan

    (@mungovan)

    The reason I mentioned security is because I’m describing the back-end architecture of my website. I’d rather have no information out there about it as it increases the odds of any vulnerabilities being exploited. Also, it looks unprofessional for me to be asking these questions on a forum like this and exposing the url.

    In stackoverflow, which I usually use, it’s possible to edit questions like this to remove unwanted information. You mention that it’s an ineffective use of time and resources, but I would be the one updating the post to remove this line. After I initially posted the question I actually edited it twice before providing the answer, but that edit button disappeared.

    Quiet frustrating process.

Viewing 10 replies - 1 through 10 (of 10 total)
  • The topic ‘Files uploaded to woocommerce_uploads folder are publicly accessible’ is closed to new replies.