Home › Forums › BulletProof Security Pro › Unable to Download gz or tar files, Uploads Anti-Exploit Guard htaccess file
Tagged: download gz files, UAEG, unable to download gz files, unable to download tar files, Uploads Anti-Exploit Guard, Uploads folder htaccess file
- This topic has 2 replies, 1 voice, and was last updated 11 years, 6 months ago by AITpro Admin.
-
AuthorPosts
-
AITpro AdminKeymaster
Email Question:
I edited the .htaccess file in our uploads folder to remove the gz extension from the list so that people can download our .tar.gz files that we have on our site. This allows those files to be downloaded now, but when they get saved to disk, the extension has changes to .tar.tar.
Do you have any idea why this is happening and how I can fix it?
Thanks,
Answer:
Please also remove the “tar” file type from the Uploads Anti-Exploit Guard .htaccess file.
Email Response:
That did it.
Thanks!
KevinAITpro AdminKeymasterEmail Question:
Hello there,
I am having problem with all the .tar.tz file download file from our website raima.com located at /home/xxxxx/xxxxx/wp-content/uploads/helloWorldSamples . The example url is http: //www.example.com/wp-content/uploads/helloWorldSamples/SQL14_lnx32.tar.gz
However, it works for .zip file.
I contacted my hosting and they replied me that it is a bullet proof security issue.
Would you mind to explain me?
Thanks
BhupendraAITpro AdminKeymasterUpdate: A new Uploads Anti-Exploit Guard (UAEG) Read Me First Sticky Topic has been created in the link below.
http://forum.ait-pro.com/forums/topic/uploads-anti-exploit-guard-uaeg-read-me-first/
To edit your Uploads Anti-Exploit Guard .htaccess file go to the B-Core htaccess File Editor tab page, click on the “Your Current Uploads htaccess File” tab and delete the file extension that you want to allow. In this case delete gz and tar.
(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|gz|hta|htaccess|htc|htm|html|htx|idc|ini|ins|isp|jar|jav|java|js|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|rar|shtm|shtml|sql|swf|sys|tar|taz|tgz|tpl|vb|vbe|vbs|war|ws|wsf|xhtml|xml|z|zip)
After deleting gz and tar.
(7z|as|bat|bin|cgi|chm|chml|class|cmd|com|command|dat|db|db2|db3|dba|dll|DS_Store|exe|hta|htaccess|htc|htm|html|htx|idc|ini|ins|isp|jar|jav|java|js|jse|jsfl|json|jsp|jsx|lib|lnk|out|php|phps|php5|php4|php3|phtml|phpt|pl|py|pyd|pyc|pyo|rar|shtm|shtml|sql|swf|sys|taz|tgz|tpl|vb|vbe|vbs|war|ws|wsf|xhtml|xml|z|zip)
-
AuthorPosts
- You must be logged in to reply to this topic.