I have a bunch of media files located at ~/webapps/mywordpress/wp-content/uploads.

I have created a symlink to static-only app that points to that uploads folder, and I have mounted it at mydomain.com/wp-content/uploads.

I know this gives me a speed boost by calling the media files through Nginx instead of the PHP interpreter. But does the symlink also provide security by preventing any executable files from being executed in ~/webapps/mywordpress/wp-content/uploads?

In other words, does having the "symlink to static-only app" provide the same security as an .htaccess file in the same directory that disables executables?

asked 31 Mar '14, 18:02 PeterA

Yes, a symlink app does provide additional security in this sense - i.e., items on a path served directly by the front-end Nginx server will be served statically, and not be executed as scripts.

answered 31 Mar '14, 18:11 seanf

Thanks Sean! Would this also protect against the risks created when a WordPress plugin creates folders with 777 permissions (inside ~/webapps/mywordpress/wp-content/uploads)?

(31 Mar '14, 18:16) PeterA

It will protect against the risk of a script being executed via the web. It won't protect against any other risks inherent to insecure file/directory permissions.

(31 Mar '14, 18:34) seanf
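
The last comment separates web execution from the other risks of loose permissions. As an added example (not part of the original thread), this Python script audits an uploads tree for world-writable entries, script-like files and executable bits; the extension list, function names and sample tree are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumption: extensions a misconfigured server might pass to an interpreter.
SCRIPT_EXTENSIONS = {".php", ".phtml", ".phar", ".cgi", ".pl", ".py"}
ANY_EXEC = stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH

def audit_uploads(root):
    """Return sorted (finding, relative_path) tuples for risky entries."""
    findings = []
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):  # does not follow symlinks
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]
    for path in paths:
        rel = os.path.relpath(path, root)
        mode = os.lstat(path).st_mode
        if stat.S_ISLNK(mode):
            continue  # permission bits on a link itself are not meaningful
        if mode & stat.S_IWOTH:
            findings.append(("world-writable", rel))
        if stat.S_ISREG(mode):
            if os.path.splitext(path)[1].lower() in SCRIPT_EXTENSIONS:
                findings.append(("script-extension", rel))
            if mode & ANY_EXEC:
                findings.append(("executable-bit", rel))
    return sorted(findings)

def build_sample_tree(root):
    """Constructed sample: one normal upload, one 777 folder with two odd files."""
    layout = {  # relative path -> mode; directories end with "/"
        "2014/": 0o755, "2014/03/": 0o755, "2014/03/photo.jpg": 0o644,
        "cache/": 0o777, "cache/dropped.php": 0o644, "cache/tool.bin": 0o755,
    }
    for rel, mode in layout.items():
        path = os.path.join(root, rel.rstrip("/"))
        if rel.endswith("/"):
            os.makedirs(path, exist_ok=True)
        else:
            open(path, "w").close()
        os.chmod(path, mode)  # explicit chmod so the umask does not matter

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as sample_root:
        build_sample_tree(sample_root)
        for finding, rel in audit_uploads(sample_root):
            print(f"{finding:17} {rel}")
```

To audit a real tree, call `audit_uploads()` with the path to the uploads directory instead of the constructed sample.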