Greetings,
I'm almost finished (fingers crossed) to update a website I manage to drupal 7.24
Everything seems OK and I've already updated the .htaccess files in sites/*/files/ as explained in
https://drupal.org/SA-CORE-2013-003
The only thing I'm not sure about is where that page says:
Additionally, the .htaccess of the temporary files directory and private files directory (if used) should include this command:
Deny from all
my temporary files directory as shown in /admin/config/media/file-system is /tmp (private file system path is empty). Should I put an ..htaccess in /tmp too???
I believe not, but I'd rather have confirmation.
Thanks! Marco
Hi Marco,
I put a htaccess file with 'Deny from all' added to the last line, into /tmp as explained (Drupal 6) It was an empty directory. Then I ran the Status report. I see the Temporary files directory----not fully protected. So I'm wondering if I've placed 'Deny from all' on the wrong line in the htaccess file?
Nothing else appears strange.
Howard
On 6 December 2013 06:29, M. Fioretti mfioretti@nexaima.net wrote:
Greetings,
I'm almost finished (fingers crossed) to update a website I manage to drupal 7.24
Everything seems OK and I've already updated the .htaccess files in sites/*/files/ as explained in
https://drupal.org/SA-CORE-2013-003
The only thing I'm not sure about is where that page says:
Additionally, the .htaccess of the temporary files directory and private files directory (if used) should include this command:
Deny from all
my temporary files directory as shown in /admin/config/media/file-system is /tmp (private file system path is empty). Should I put an ..htaccess in /tmp too???
I believe not, but I'd rather have confirmation.
Thanks! Marco
-- [ Drupal support list | http://lists.drupal.org/ ]
On Fri, Dec 06, 2013 12:03:31 PM +0900, Howard Barr wrote:
Hi Marco,
I put a htaccess file with 'Deny from all' added to the last line, into /tmp as explained (Drupal 6) It was an empty directory. Then I ran the Status report. I see the Temporary files directory----not fully protected. So I'm wondering if I've placed 'Deny from all' on the wrong line in the htaccess file?
Hi, Howard,
no idea myself, that's why I asked... Marco
There have been reports that the error message still persists even after putting the file in.
http://www.ostraining.com/blog/drupal/drupal-724-tmp-directory/
Jamie Holly http://hollyit.net
On 12/6/2013 5:49 AM, M. Fioretti wrote:
On Fri, Dec 06, 2013 12:03:31 PM +0900, Howard Barr wrote:
Hi Marco,
I put a htaccess file with 'Deny from all' added to the last line, into /tmp as explained (Drupal 6) It was an empty directory. Then I ran the Status report. I see the Temporary files directory----not fully protected. So I'm wondering if I've placed 'Deny from all' on the wrong line in the htaccess file?
Hi, Howard,
no idea myself, that's why I asked... Marco
It seems the easiest way to fix this is to delete the .htaccess file from those directories and then save the file systems settings. That will place an approved version into those directories.
Nancy
From: Jamie Holly There have been reports that the error message still persists even after putting the file in.
http://www.ostraining.com/blog/drupal/drupal-724-tmp-directory/
Just delete the .htaccess files in files and tmp and visit /admin/config/media/file-system and Save, Drupal 7.24 will create the correct .htaccess files. If this doesn't work for tmp try putting a dot before the /tmp in the tmp field so ./tmp and save again.
Neil
On 6 December 2013 12:29, Nancy Wichmann nan_wich@bellsouth.net wrote:
It seems the easiest way to fix this is to delete the .htaccess file from those directories and then save the file systems settings. That will place an approved version into those directories.
*Nancy*
*From:* Jamie Holly
There have been reports that the error message still persists even after putting the file in.
http://www.ostraining.com/blog/drupal/drupal-724-tmp-directory/
-- [ Drupal support list | http://lists.drupal.org/ ]
-
Howard Barr -
Jamie Holly -
M. Fioretti -
Nancy Wichmann -
Neil Adair