WordPress.org

Forums

uploads folder above root directory? (4 posts)

  1. bclaytor
    Member
    Posted 8 years ago #

    Is there any way to place the wp-uploads directory above the root web directory for security?

    I have a blog that will be posting potentially sensitive documents, and would like to secure the uploads folder. Currently, only registered users can view the blog, and I am using .htaccess to deny acccess to the uploads folder, but this has some limitations (ie. it disallows the "browse" uploads feature when writing a post.

  2. whooami
    Member
    Posted 8 years ago #

    you _could_ potentially do that script side, ie upload to a web accessable directory and then move the files.

    the rule of thumb though ought to be if you dont want it accessable, dont put it on the web.

  3. bclaytor
    Member
    Posted 8 years ago #

    Is there any way to direct the uploads directly to the folder outside of root?

  4. whooami
    Member
    Posted 8 years ago #

    you cant upload directly to a folder thats not web accessible, no.

    php is perfectly capable of moving uploads --

    http://www.php.net/manual/en/ref.filesystem.php

    See the Table of Contents on the above page -- thats not what's on the far left, scroll down a tad.

Topic Closed

This topic has been closed to new replies.

About this Topic