uploads accessible without login

  • Resolved pgb

    (@pgb)


    8 years ago

    I’ve discovered on one of my sites that the uploads folder can be accessed without logging in i.e. available to anybody who types in
    domainname.com/wp-content/uploads
    Does anyone know how to prevent this please?

    I have other sites where this does not happen, I’m mystified. The site in question uses a child theme of 2016.

Viewing 2 replies - 1 through 2 (of 2 total)
  • John Parris

    (@mindctrl)

    8 years ago

    Hi,

    It depends on your hosting. You may be able to add a file named .htaccess to the folder, and add the following line to it:

    Options -Indexes

    If that doesn’t work, contact your host and ask them to deny directory listings in that folder.

    Thread Starter pgb

    (@pgb)

    8 years ago

    Thank you John, that works. What a relief!

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘uploads accessible without login’ is closed to new replies.