Matteo Mattei

Hello, my name is Matteo Mattei and this is my personal website. I am computer engineer with a long experience in Linux system administration and web software development.

linkedin rss twitter google+ github facebook

How to protect wp-content/uploads folder in Wordpress and avoid spam

Usually it is not a problem with Wordpress itself but sometimes we install lot of plugins that come from not well known origins or that are buggy and they can compromise the entire server. So, after dozens of server maintanance sessions, I am going to summarize all the best practice I found.

chmod o-w wp-content/uploads

Remember that in this way you are not able to upload files from the admin area if the web server runs with other privileges.

This third rule is very important and saved me bad headaches.

comments powered by Disqus