[wp-trac] [WordPress Trac] #36467: disable zip extension in themes directroy
WordPress Trac
noreply at wordpress.org
Sun Apr 10 21:44:40 UTC 2016
#36467: disable zip extension in themes directroy
-------------------------+-----------------------------
Reporter: ahmedash95 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version:
Severity: normal | Keywords:
Focuses: template |
-------------------------+-----------------------------
a lot of developers upload theme zip file to wp-
content/themes/theme_name.zip then they extact the file and forget to
remove it later . and thats make it easy to anyone to download this seem
later if he view source and get theme directory wp-
content/themes/ahmed_theme/style.css if he tries to download the file wp-
content/themes/ahmed_theme.zip the file will start to download . so i
think wordpress default htaccess must come with this rewrite rule to
protected users .
{{{
RewriteRule ^wp-content/themes/.*\.(zip|rar)$ - [F,L,NC]
}}}
--
Ticket URL: <https://core.trac.wordpress.org/ticket/36467>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list