[wp-hackers] WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
Jeremy Clarke
jer at simianuprising.com
Wed Nov 11 17:23:14 UTC 2009
.htaccess idea sounds really lightweight and nice. A related solution
is to turn off PHP execution in the apache config for your server (if
you have access) for any directories that are writable. At one point
attackers had uploaded php files without any .php extension in them
and were managing to load them, but this stopped it.
# Cache dir
<Directory /var/www/path_to_site/wp-content/cache>
AllowOverride None
php_admin_flag engine off
php_admin_value open_basedir none
</Directory>
# media upload dir
<Directory /var/www/path_to_site/wp-content/uploads>
AllowOverride None
php_admin_flag engine off
php_admin_value open_basedir none
</Directory>
It leaves room for other types of code if your server is configured to
run them though.
--
Jeremy Clarke | http://jeremyclarke.org
Code and Design | http://globalvoicesonline.org
More information about the wp-hackers
mailing list