disable file uploads

Francis Daly francis at daoine.org
Tue Mar 24 00:00:45 UTC 2015


On Tue, Mar 24, 2015 at 12:47:38PM +1300, Steve Holdoway wrote:
> On Mon, 2015-03-23 at 22:52 +0000, Francis Daly wrote:
> > On Tue, Mar 24, 2015 at 09:13:50AM +1300, Steve Holdoway wrote:

Hi there,

> > > Is there any way to stop / disable random file uploads... for example,
> > > I'm having 'fun' with mail relays being uploaded to the cache area of a
> > > wordpress site?
> > 
> > What the difference between a request that is a file upload and a request
> > that is not a file upload, on your system?

>         # set the static ones first, then the catchall
>         # Directives to send expires headers and turn off 404 error
> logging.
>         location ~* ^/(?:uploads|files|cache|plugins)/.*\.(png|gif|jpg|
> jpeg|css|js|swf|ico|txt|xml|bmp|pdf|doc|docx|ppt|pptx|zip|woff|ttf|otf|
> xls|myo|qbb|pst|dat|qbx|bc7|cf7)$ {
>                 expires 24h;
>                 log_not_found off;
>         }

For requests that match this location block, serve from the filesystem.

>         location ~* ^/wp-content/(files|uploads|cache|plugins)/.*.(|php|
> js|swf)$ {
>                 types { }
>                 default_type text/plain;
>         }

For requests that match this location block, serve from the filesystem.

None of that seems to say "handle file uploads".

I confess I'm somewhat confused about what your question is.

What request do you make of nginx, that does not give you the response
that you want?

	f
-- 
Francis Daly        francis at daoine.org



More information about the nginx mailing list