Important: Secure the wp-content/uploads folder

You should protect your Wordpress uploads folders by preventing script execution from that folder/subfolders.  This is one of the most common ways that a If you are hosting Wordpress on IIS then you should add a web.config file to the /wp-content/uploads folder with the following content:

<configuration>
<system.webServer>
<handlers>
<clear />
<add
name="StaticFile"
path="*" verb="*"
modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule"
resourceType="Either"
requireAccess="Read" />
</handlers>
<staticContent>
<mimeMap fileExtension=".*" mimeType="application/octet-stream" />
</staticContent>
</system.webServer>
</configuration>

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Database

The correct URL to connect to the MYSQL database from Wordpress is mysql-local.yourdomain.com...

How to install Wordpress from control panel

If DNS is not enabled yet or your domain is not active for any reason you can use an instant...

How to Update Wordpress Password

How to update the Wordpress password that you use to access your site through...

Updates

Permissions must be set to "Write" for Wordpress updates to complete. Please follow these steps...

White Pages on Your Wordpress Website

If white pages suddenly appear on your Wordpress site, it might be caused by an issue with one of...