Viewing 2 replies - 1 through 2 (of 2 total)
  • If you have access to your apache config, you can add a “deny from all” directive to prevent http access directly to the folder. So it would look something like this:

    <Directory /var/www/yoursite.com/htdocs/wp-file-browser-top>
        deny from all
    </Directory>

    You should also be able to do this in .htaccess.

    Also, I just noticed — in the config for Smallerik, you can actually set the path for where the files are located to outside the web root:

    Setting the default path outside of the web root altogether increases security as the files will not be reachable using a web browser outside the scope of this plugin.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Protect files’ is closed to new replies.