WordPress.org

Support

Support » Plugins and Hacks » [Plugin:W3 Total Cache] CDN upload php files

[Plugin:W3 Total Cache] CDN upload php files

  • Version 0.9.2.2

    When upload files to CDN according to “Custom file list:”, the program doesn’t validate the content type, but upload all the files. Even the file ext is .php.

    This is a security hole, to allow other people to steal the php code from CDN, also slow down the upload process.

    I would like to set wp-content/plugins/* into the “Custom File list”, but I only want to upload “*.css; *.js; *.jpg” etc.

    Any help would be appreciated. Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • one more comment for above post.
    I use amazon S3 as CDN.

    Thanks.

    Find the solution for how to prevent .php files upload to CDN, just add “*.php” to Rejected files.

    It works for click the “Custom file” button to upload the files to CDN.
    But won’t work for Cron job update. That’s say the cron job update program miss/fail to check the “Rejected files”.

    How to fix this?

    Any suggestions are welcomed.
    Thanks.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘[Plugin:W3 Total Cache] CDN upload php files’ is closed to new replies.
Skip to toolbar