[wp-trac] [WordPress Trac] #21981: Securing the uploads directory
WordPress Trac
noreply at wordpress.org
Tue Oct 14 09:27:51 UTC 2014
#21981: Securing the uploads directory
-------------------------+-----------------------
Reporter: japh | Owner:
Type: enhancement | Status: reopened
Priority: normal | Milestone:
Component: Upload | Version:
Severity: normal | Resolution:
Keywords: | Focuses:
-------------------------+-----------------------
Changes (by markjaquith):
* status: closed => reopened
* resolution: wontfix =>
Comment:
Wait a second. We can forget about `php_flag engine off` and just use
`mod_rewrite` if available to 403 requests to PHP files.
{{{
# Disallow access to PHP files in the uploads directory
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule \.php[0-9]?$ - [F]
</IfModule>
}}}
The protection scenario here is a locked down environment where only the
uploads directory is server-writable, and there is a file-writing
compromise. It's a very safe place for an attacker to put PHP files
because it is the one place almost guaranteed to be server writable.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/21981#comment:8>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
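Added example, not from the ticket or from WordPress core: a small Python check that applies the pattern of the proposed `RewriteRule` to constructed request paths, showing which requests under the uploads directory the `[F]` rule would answer with 403 and which it leaves untouched (the pattern is anchored at the end of the path and, with no `[NC]` flag, case-sensitive). The sample paths are constructed for illustration.

```python
import re

# Pattern from the proposed .htaccess rule:  RewriteRule \.php[0-9]?$ - [F]
# In a per-directory (.htaccess) context Apache tests it against the request
# path relative to the uploads directory, case-sensitively (no [NC] flag).
UPLOADS_PHP_RULE = re.compile(r"\.php[0-9]?$")


def is_blocked(relative_path: str) -> bool:
    """True if the rule would answer this request with 403 Forbidden ([F])."""
    return UPLOADS_PHP_RULE.search(relative_path) is not None


def coverage_report(paths):
    """Map each request path to the outcome of the rule: 403 or pass-through."""
    return {p: (403 if is_blocked(p) else "pass") for p in paths}


# Constructed sample request paths, relative to wp-content/uploads/
SAMPLE_REQUESTS = [
    "2014/10/photo.jpg",          # normal upload, passes through
    "2014/10/dropped.php",        # matched: 403
    "2014/10/dropped.php5",       # matched by the optional digit: 403
    "2014/10/dropped.php.txt",    # not matched: ".php" is not at the end of the path
    "2014/10/DROPPED.PHP",        # not matched: rule is case-sensitive without [NC];
                                  # whether such a file would run depends on the
                                  # server's PHP handler configuration
]

if __name__ == "__main__":
    for path, status in coverage_report(SAMPLE_REQUESTS).items():
        print(f"{status!s:>4}  {path}")
```

Because only `.php` followed by an optional digit at the very end of the path is matched, verifying the rule's coverage against the extensions the server's PHP handler actually executes is the practical check before relying on it.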