Support » Plugin: WordPress File Monitor Plus » [Plugin: WordPress File Monitor Plus] Data files browseable

Viewing 3 replies - 1 through 3 (of 3 total)
  • luciano-passuello

    (@luciano-passuello)

    This .htaccess file does the trick (stolen from WP-DBManager plugin):

    <Files ~ “.*\..*”>
    order allow,deny
    deny from all
    </Files>

    PS: Sorry for reporting a security issue publicly, but I couldn’t find a way of privately contacting you.

    Plugin Author Scott Cariss

    (@l3rady)

    In normal circumstances a web host shouldn’t allow access to ‘.’ files publicly hence why I chose to store the data in a ‘.’ file.

    Next version I will include a htaccess file to block access to the ‘.’ files. But also I will put in FAQ to CHMOD the data files so that they are not publicly viewable but editable by PHP.

    As for contacting me privately you can get my email from any of the source files of my plugin.

    Kind Regards

    Scott Cariss

    luciano-passuello

    (@luciano-passuello)

    That sounds perfect!
    Thanks for the quick response, Scott! 🙂

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: WordPress File Monitor Plus] Data files browseable’ is closed to new replies.