Title: cheebert's Replies | WordPress.org --- # cheebert [ ](https://wordpress.org/support/users/cheebert/) * [Profile](https://wordpress.org/support/users/cheebert/) * [Topics Started](https://wordpress.org/support/users/cheebert/topics/) * [Replies Created](https://wordpress.org/support/users/cheebert/replies/) * [Reviews Written](https://wordpress.org/support/users/cheebert/reviews/) * [Topics Replied To](https://wordpress.org/support/users/cheebert/replied-to/) * [Engagements](https://wordpress.org/support/users/cheebert/engagements/) * [Favorites](https://wordpress.org/support/users/cheebert/favorites/) Search replies: ## Forum Replies Created Viewing 1 replies (of 1 total) * Forum: [Alpha/Beta/RC](https://wordpress.org/support/forum/alphabeta/) In reply to: [what does file upload actually do??](https://wordpress.org/support/topic/what-does-file-upload-actually-do/) * [cheebert](https://wordpress.org/support/users/cheebert/) * (@cheebert) * [19 years, 7 months ago](https://wordpress.org/support/topic/what-does-file-upload-actually-do/#post-301747) * Ok folks…I’m a bit puzzled. I see everywhere that I need to make the upload directory world writable (not something I’m wild about) however, I see in this thread about inline-uploading.php which seems to check user profiles… * So why won’t something like 665 or 666 work on the directory security? Or for that matter why not 770 since apache pulls the info with user www-data which is declared as the group owner of the directory. * Or am I just missing something? I’ve thought to use something like a “” statement in the httpd.conf for that directory so that everyone can read the directory/pictures but you get prompted for a password if you wish to upload. Does inline-uploading.php not use POST? This way I can also force the uploading over SSL in addition to the password. * /brian chee Viewing 1 replies (of 1 total)