WP 2.5?

ronnie · 2008-04-07, 10:29 PM

Am I missing something here, I just realized, seemed the whole deal with setting the htaccess file to 777 was so Wordpress could write the new htaccess file for you? It's always been like that.

Then again, when you set up permalinks, WP gives you the htaccess code, you just copy and paste it into your htaccess file and upload it.

Not much need to have a security hole so that WP can write the file instead of just doing it yourself.

Just like when I see people changing the file permissions on their theme files, so they can edit them in WP, when it's just as easy to do it with a web page editor.

Perfect example, some one hacked one of my blogs this am (partly my fault, left less then secure WP pass as it was), if all my files where editable (777), they could have done much more. They could have done little things that I might not even notice.

This was no 2.5 bug or error.

Or I missed something?

2008-04-07, 10:29 PM	#26
ronnie Wheither you think you can or you think you can't, Your right. Join Date: Jun 2004 Location: midwest Posts: 2,274	Am I missing something here, I just realized, seemed the whole deal with setting the htaccess file to 777 was so Wordpress could write the new htaccess file for you? It's always been like that. Then again, when you set up permalinks, WP gives you the htaccess code, you just copy and paste it into your htaccess file and upload it. Not much need to have a security hole so that WP can write the file instead of just doing it yourself. Just like when I see people changing the file permissions on their theme files, so they can edit them in WP, when it's just as easy to do it with a web page editor. Perfect example, some one hacked one of my blogs this am (partly my fault, left less then secure WP pass as it was), if all my files where editable (777), they could have done much more. They could have done little things that I might not even notice. This was no 2.5 bug or error. Or I missed something?