[wp-hackers] Any drawbacks in setting WP_CONTENT_DIR (and URL) to DOCUMENT_ROOT?
brasofilo at gmail.com
Fri Jul 13 18:48:54 UTC 2012
>> > Haven't tested this, but anyone can preview any troubles with this
>> > wp-config.php?
>> > (WordPress installed at the root)
>> > define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] );
>> > define( 'WP_CONTENT_URL', 'http://www.example.com' );
> There are discussions around the net the $_SERVER['DOCUMENT_ROOT'] may be
> susceptible to hacking. In which case this is extremely dangerous because
> there are lots of places that require() or include() WP_CONTENT_DIR .
Thanks John, Mike and Otto for the great feedback.
Now confident on going on with the envisioned setup.
More information about the wp-hackers