Doubt on Firewall Policies – Files Upload

  • Resolved Agent Deepak

    (@agentdeepak)


    9 years, 11 months ago

    Firewall Policies – Files Upload is disallowed by Default. What exactly is this? Also what is Sanitise filenames?

    I logged into my site as editor and was unable to upload images for posts. Then I changed it to allow and was able to upload files. I hope I did the right thing to allow.

    Now I see in my firewall logs
    20/Apr/15 07:58:52 #4444814 upload – 94.153.8.126 POST /wp-admin/admin-ajax.php – Allowing file upload – [revslider.zip, 36,739 bytes]

    There were 3 attempts in total, diff IP.

    Was this blocked or not? Since no rule showed I was worried. Fortunately I do not see and Rev Slider folder or zip in upload folder so far.

    How/Why is the log saying – “Allowing file upload”?

    I am a bit worried and confused. Do clarify this for me.

    https://www.ads-software.com/plugins/ninjafirewall/

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author nintechnet

    (@nintechnet)

    Hi,

    You are allowing file upload, therefore the firewall does not block any upload attempt. See this discussion about uploads and how PHP handles them: Question about file uploads

    Regarding options description, you can click on the contextual “Help” tab on the upper right corner of each page:

    File Uploads: whether to allow/disallow file uploads.
    Sanitise filenames: any character that is not a letter (a-zA-Z), a digit (0-9), a dot (.), a hyphen (-) or an underscore (_) will be removed from the filename and replaced with the X character.

    Thread Starter Agent Deepak

    (@agentdeepak)

    OK, thanks for the explanation.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Doubt on Firewall Policies – Files Upload’ is closed to new replies.