WordPress.org

Support

Support » How-To and Troubleshooting » uploads folder above root directory?

uploads folder above root directory?

  • Is there any way to place the wp-uploads directory above the root web directory for security?

    I have a blog that will be posting potentially sensitive documents, and would like to secure the uploads folder. Currently, only registered users can view the blog, and I am using .htaccess to deny acccess to the uploads folder, but this has some limitations (ie. it disallows the “browse” uploads feature when writing a post.

Viewing 3 replies - 1 through 3 (of 3 total)
  • whooami

    @whooami

    Member

    you _could_ potentially do that script side, ie upload to a web accessable directory and then move the files.

    the rule of thumb though ought to be if you dont want it accessable, dont put it on the web.

    Is there any way to direct the uploads directly to the folder outside of root?

    whooami

    @whooami

    Member

    you cant upload directly to a folder thats not web accessible, no.

    php is perfectly capable of moving uploads —

    http://www.php.net/manual/en/ref.filesystem.php

    See the Table of Contents on the above page — thats not what’s on the far left, scroll down a tad.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘uploads folder above root directory?’ is closed to new replies.
Skip to toolbar