Safety issue: accessability of all folders
Hi, I just sent a- rss-feed-newsletter around which contained a video. Not entirely surprisingly the video does not show up in the mail - just the link.
As I was testing this, I realized that each part of the folders can be accessed by anyone! http://www.dievogelschule.com/wp-con...Verpaarung.mp4 That is http://www.dievogelschule.com/wp-con...loads/2016/03/ www.dievogelschule.com/wp-content/uploads/2016/ etc. Allowing anyone access to all contents I frantically started pasting index.html into the most current and obvious folders. But I have a lot of folders in there as my website has been running for years. This cannot be right. Is it a setting I have missed? A bug in the program? I am really concerned. Thanks for your help. Ann. |
You should review the permissions you have for the folders - see Permission Scheme for WordPress
|
They are all 755. I take it that is bad. What should they be?
|
Actually, after mucking around with bluehost ... apparently they can only do 755 for folders and 644 for files. Thus, I reseearched a bit more and it turns out, it was an issue with the .htaccess files which need at the bottom the following line inserted:
Options -Indexes I have not had that issue before. Was something altered? Anyhow, thank you for getting me on the way to fixing this, even if it was not the solution. I'll be sendung you a little donation for your time. Thanks. |
ps. your donation form is not working. The drop down does not show any $$ amount and you cannot manually insert it. When left empty it refuses to forward to the paypal page. Would you please check this. I am using Safari.
|
Quote:
If you want to donate to me, select the 'donate to juggledad' button |
Argh ... that's what happens when trying to do stuff in a mad rush ... donation on the way. :-)
|
All times are GMT -6. The time now is 03:54 AM. |
Powered by vBulletin® Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.