[wp-trac] [WordPress Trac] #36467: disable zip extension in themes directroy

WordPress Trac noreply at wordpress.org
Mon Apr 11 01:26:50 UTC 2016


#36467: disable zip extension in themes directroy
-------------------------+-----------------------
 Reporter:  ahmedash95   |       Owner:
     Type:  enhancement  |      Status:  closed
 Priority:  normal       |   Milestone:
Component:  General      |     Version:
 Severity:  normal       |  Resolution:  wontfix
 Keywords:               |     Focuses:  template
-------------------------+-----------------------
Changes (by dd32):

 * status:  new => closed
 * resolution:   => wontfix
 * milestone:  Awaiting Review =>


Comment:

 At this time, we don't add rewrite rules to block access to files - if a
 user doesn't want files downloadable, they shouldn't be placed within a
 publicly readable location, or should have a unqiue non-guessable
 filename.

 Some security plugins are known to add extra rewrite rules to potentially
 block invalid requests, I don't think I've seen any of those add a similar
 rule to this either.

--
Ticket URL: <https://core.trac.wordpress.org/ticket/36467#comment:1>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform


More information about the wp-trac mailing list