Reputation: 1322
how to protect uploads folder with .htaccess to only allow images in wordpress site
I have a question i need to protect site from uploading and/or executing any scripts or files other than images only in a wordpress site.
But i have tried few variations with .htaccess file and no success.
The wordpress have wp-content/uploads folder where uploads are stored. And inside that it's sorted based on year / month combination in folders. I used this example from wordpress site but it somehow locks entire folder and i can't even see the images.
<Files ^(*.jpeg|*.jpg|*.png|*.gif)>
order deny,allow
deny from all
</Files>
So is there a working way on making it available to upload and sort images inside wp-content/upload folders and later on access them. I think the problem is that there are subfolders sinside uploads or i am wrong ?
Upvotes: 2
Views: 7285
Answers (1)
Reputation: 462
So an htaccess solution won't affect what they can upload but will recursively effect access for all subdirectories.
RewriteEngine on
#if the file does not have one of theses extensions
RewriteCond %{REQUEST_URI} !\.(png|jpg|jpeg|gif)$
#then it should be marked as forbidden.
RewriteRule .*$ - [F]
That should do it.
Upvotes: 3
Related Questions
- .htaccess restrict media folder in wordpress
- Protect images through .htaccess and PHP
- Make images private in Wordpress
- Deny direct access to files in folder
- How do i restrict direct access (from browser) to a folder but allow access to image files inside it..?
- how to protect images inside upload folder from viewing by anyone EXCEPT admin
- Restricting access to images on a website
- .htaccess password protect directory but allow image file types
- Protect a folder by .htaccess RewriteRule to php
- protect folders via htaccess