[wp-hackers] Any drawbacks in setting WP_CONTENT_DIR (and URL) to DOCUMENT_ROOT?

Rodolfo Buaiz brasofilo at gmail.com
Fri Jul 13 18:48:54 UTC 2012


>> > Haven't tested this, but anyone can preview any troubles with this
setup
>> in
>> > wp-config.php?
>> > (WordPress installed at the root)
>> >
>> > define( 'WP_CONTENT_DIR', $_SERVER['DOCUMENT_ROOT'] );
>> > define( 'WP_CONTENT_URL', 'http://www.example.com' );
>>
>>
> There are discussions around the net the $_SERVER['DOCUMENT_ROOT'] may be
> susceptible to hacking. In which case this is extremely dangerous because
> there are lots of places that require() or include() WP_CONTENT_DIR .
> 'something';

Thanks John, Mike and Otto for the great feedback.

Now confident on going on with the envisioned setup.

Rodolfo


More information about the wp-hackers mailing list