Title: Uploads folder and security
Last modified: August 19, 2016

---

# Uploads folder and security

 *  [thomasvansundert](https://wordpress.org/support/users/thomasvansundert/)
 * (@thomasvansundert)
 * [17 years ago](https://wordpress.org/support/topic/uploads-folder-and-security/)
 * Hi,
    I’m looking for a clear answer to the following question: how can I make
   sure WordPress can upload media to my wp-content/uploads folder without having
   security risks?
 * The only way I got WordPress to upload files is by setting chmod 777 on the download
   directory.
 * What will the security implications be when I set:
 * <IfModule mod_security.c>
    SecFilterEngine Off SecFilterScanPOST Off </IfModule
   >
 * in my .htaccess file?
 * Also, when I set the following lines in my .htaccess-file:
 * Order Allow,Deny
    Deny from all <Files ~ “\.(jpeg|jpg|png|gif|gz)$”> Allow from
   all </Files> AddType text/plain .pl .cgi .php Options -ExecCGI AddHandler cgi-
   script .php .pl .py .jsp .asp .htm .shtml .sh .cgi <FilesMatch “\.(php|pl|py|
   jsp|asp|htm|shtml|sh|cgi)$”> ForceType text/plain </FilesMatch>
 * Will this make any difference?

The topic ‘Uploads folder and security’ is closed to new replies.

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 0 replies
 * 1 participant
 * Last reply from: [thomasvansundert](https://wordpress.org/support/users/thomasvansundert/)
 * Last activity: [17 years ago](https://wordpress.org/support/topic/uploads-folder-and-security/)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics