Code Execution Allowed in Public Folder

  • Resolved kathywirth

    (@kathywirth)


    3 months, 3 weeks ago

    Hi. Really Simple SSL just started displaying “Code Execution Allowed in Public Folder.” When I save the option to disable this, the message remains.

    I contacted my host, Dreamhost, and they replied:

    “the notice for “Code execution is allowed in the public
    ‘Uploads’ folder.” should remove on it’s own however the code is execute
    via .htaccess file which is not used in nginx. In this case, you would
    need to contact reallysimplessl to see if they support nginx or have an
    alternative rule we can add to the nginx.conf file rather than the
    uploads directory.”

    Any help much appreciated.

    The page I need help with: [log in to see the link]

Viewing 1 replies (of 1 total)
  • Plugin Author Mark

    (@markwolters)

    Hi @kathywirth,

    to prevent code execution in the uploads folder on NGINX your host can add the following code to your NGINX config:

    location ~* /uploads/.*\.php$ {
    return 503;
}

    Let me know if you have any other questions.

Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.