I am worried on installing Wp-Minify plugin. But it needs 777 permission for the cache directory located inside wp-uploads directory. Isn't it a security issue?
I am worried on installing Wp-Minify plugin. But it needs 777 permission for the cache directory located inside wp-uploads directory. Isn't it a security issue?
Share Improve this question edited Dec 29, 2012 at 10:45 fuxia♦ 107k39 gold badges255 silver badges459 bronze badges asked Dec 29, 2012 at 9:57 jamesjames 12 Answers
Reset to default 0toscho is right. So you could probably give a try to another plugin. The Better Wordpress Minify.
This one also uses a folder inside the plugin's folder, BUT. You can change the folder and place it elsewhere. Please have a look at Advanced Customization. screenshot http://s.wordpress/extend/plugins/bwp-minify/screenshot-1.gif
We have been using it without a problem.
It doesn’t need 777. The author recommends it, but you don’t have to follow that. The usual file permissions should be good.
The real problem: the plugin wants to write into its own plugin directory.
var $cache_location = 'wp-content/plugins/wp-minify/cache/';
This is bad. After each update, the whole cache will be gone, and if you don’t allow write access to the plugin directory by default, the plugin will just not work.
And a hard codet wp-content directory is a rather bold assumption. It should use the constant WP_CONTENT_DIR, because the real name and path of that directory is configurable.