26 July, 2011, 00:19 AM
wordpres users allowed to upload media files
if i allow my contributors in my article directory, is it possible that i also open my site to hackers?
can they upload malicious files and actually work thru it?
26 July, 2011, 01:36 AM
Only if your contributors are hackers!
If hackers want to hack you, they will hack you... Simple as that.
I dont know if you are into LulzSec(LulzBoat) Group, they hacked Sony,FBI and many more, for the lulz! They did big damage to Sony!
26 July, 2011, 06:00 AM
Well, it was shown that Sony had some really silly security practices. Also, they were running outdated software which suggests at least one way to stay safer than even Sony: keep your software up to date.
26 July, 2011, 19:52 PM
so its okay to allow my wordpress users to upload media files like .jpg and .avi so long as i have an updated version?
27 July, 2011, 23:34 PM
28 July, 2011, 14:02 PM
You can limit how big those .jpg and .avi files that people will upload can be to prevent them from uploading files which are too large and may waste your bandwidth.
28 July, 2011, 20:38 PM
how can i limit it? seems like i cant find the option
Originally Posted by memenode
28 July, 2011, 23:59 PM
Hmm, that's actually probably limited in a php.ini file on your server by default though the actual value may vary. I haven't dealt with that stuff for a long time so I forgot about that, and a search reminded me.
So yeah.. I think it's already limited, but if you want to adjust it you should modify an upload_max_filesize value in an /etc/php/php.ini file on your server (not the same exact path everywhere though, and will also be a bit different if it is a Windows server). If you don't have access to it you can ask your host, but the limit may already be fine in which case you don't have to do anything.
Tags for this Thread