[wp-hackers] Any drawbacks in setting WP_CONTENT_DIR (and URL) to DOCUMENT_ROOT?

Mike Little wordpress at zed1.com
Fri Jul 13 15:57:43 UTC 2012


On 13 July 2012 15:55, John Blackbourn <johnbillion+wp at gmail.com> wrote:

> On 13 July 2012 15:33, Rodolfo Buaiz <brasofilo at gmail.com> wrote:
> > G'evening, wp-hackers out there!
> >
> > Haven't tested this, but anyone can preview any troubles with this setup
> in
> > wp-config.php?
> > (WordPress installed at the root)
> >
> > define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] );
> > define( 'WP_CONTENT_URL', 'http://www.example.com' );
>
>
There are discussions around the net the $_SERVER['DOCUMENT_ROOT'] may be
susceptible to hacking. In which case this is extremely dangerous because
there are lots of places that require() or include() WP_CONTENT_DIR .
'something';


Mike





> I've had this structure active on a site for the last 18 months and
> haven't seen any problems. As with any change to the location of the
> content directory, you'll need to double check any plugins you add to
> the site don't assume that the content directory is at wp-content.
> Most plugins should be fine, but there are bound to be plugins out
> there that still hard code path such as 'wp-content/plugins'.
>
> John
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
>


-- 
Mike Little
http://zed1.com/


More information about the wp-hackers mailing list