how to protect uploads folder with .htaccess to only allow images in wordpress site

1 Views

I have a question i need to protect site from uploading and/or executing any scripts or files other than images only in a wordpress site.

But i have tried few variations with .htaccess file and no success.

Read More

The wordpress have wp-content/uploads folder where uploads are stored. And inside that it’s sorted based on year / month combination in folders. I used this example from wordpress site but it somehow locks entire folder and i can’t even see the images. 

<Files ^(*.jpeg|*.jpg|*.png|*.gif)>
   order deny,allow
   deny from all
</Files>

So is there a working way on making it available to upload and sort images inside wp-content/upload folders and later on access them. I think the problem is that there are subfolders sinside uploads or i am wrong ?

Post Views: 1

Related posts

1 comment

  1. So an htaccess solution won’t affect what they can upload but will recursively effect access for all subdirectories.

    RewriteEngine on
#if the file does not have one of theses extensions
RewriteCond %{REQUEST_URI} !.(png|jpg|jpeg|gif)$
#then it should be marked as forbidden.
RewriteRule .*$ - [F]

    That should do it.

Comments are closed.