limit and lockdown file uploads – with ip address ?

  • Resolved magicmiles

    (@magicmiles)


    7 years, 1 month ago

    Is there a way to lockdown file uploads, then limit them to a specfic ip, and then force a block ?

Viewing 3 replies - 1 through 3 (of 3 total)

  • Not sure exactly what you mean and your question might not relate to this forum, which is specific to Wordfence. In general, you could put a .htaccess file in the uploads folder, with code to limit access to specific IP number and block all others. Would be crude but effective. Or just go with the default way of not allowing anonymous file uploads in WordPress, then give one user password access. Lots of ways to do this…

    Thread Starter magicmiles

    (@magicmiles)

    Yes it is relevant: WordFence sends out an email every day with fileupload attack data in it. My question is how do you lock that down ?

    Hi @magicmiles
    If you mean reports including something like that:

    Blocked for a Malicious File Upload in file: files=sfn.php
Blocked for a Malicious File Upload in file: yiw_contact=sfn.php
Blocked for Malicious File Upload (Patterns)

    then these requests are matched with the plugin’s firewall rules and that’s why they were blocked, there is no specific option in Wordfence to “lockdown file uploads”, most probably you will need to control that from the form you provided for users to upload files through your website. It’s advised in general to have “Disable Code Execution for Uploads directory” option activated.

    Thanks.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘limit and lockdown file uploads – with ip address ?’ is closed to new replies.

Tags