uploads permissions in Windows environment | WordPress.org

jfalberg
(@jfalberg)

11 years, 10 months ago

To make a long story short, I managed to do the following in order to get uploads, add images to nivo slider, and the Really Simple Captcha plug in to work in a Windows IIS environment:

1. Added following line to wp-config.php:
define(‘UPLOADS’, ‘wp-content/uploads’);

2. Gave Full Control permissions to IIS_IUSRS to the wp-content/uploads folder and any subfolders.

While this works and all, my concern is that a hacker can perform malicious stuff in this uploads section so I was wondering if any upload performances can be done by perhaps the ftp user instead at least?

Viewing 1 replies (of 1 total)

catacaustic
(@catacaustic)

11 years, 10 months ago

No. The internet doesn’t work that way. If you’re uploading a file ot a server through a website you’re using a HTTP protocol, and the web server is what’s dealing with it. Using FTP is a completely separate process that most web browsers don’t have integrated into them.

The best thing that you can do is base the permissions on what happens in *nix systems. Allow uses to read and write files, but not execute anything in that directory.

Viewing 1 replies (of 1 total)

The topic ‘uploads permissions in Windows environment’ is closed to new replies.

Tags

In: Fixing WordPress
1 reply
2 participants
Last reply from: catacaustic
Last activity: 11 years, 10 months ago
Status: not resolved

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics