WordPress Business Themes › Forums › General Discussion › Sucuri and DirectoryPress
Sorry if this has been covered but I can’t search the old forum.
I am using the Sucuri plugin with Directory press 1.7.4. I have two quick questions:
1. Does Directory Press use TimThumb or similar scripts?
2. Sucuri wants to block direct PHP access to any file inside wp-includes. Is this ok to do with DirectoryPress?
1. DP is using TimThumb script in advanced-recent-posts plugin (can be found in the Widget Area)
2. You might face some issues here.
tip: backup your whole wp directory+dp, your database and try using Sucuri with direct PHP access block level.
As far as I know, DirectoryPress does not use TimThumb. It uses its own image resizing function which can be found in class_image.php
@Shakib, can you tell me where did you find any reference to timthumb?
There hasnt been any TimThumbs for along time now, the above file isnt part of our themes, looks like a plugin.
Thanks, I ran a scan using the plugin Tim Thumb Vulnerability Scanner and it came up with no Tim Thumbs in the theme so this supports what Mark is saying.
How about blocking PhP access to any file in WP-includes???
you might find WordPres needs access to some of those files.
Submit your feature requests to our ideas board and it could be included in a future theme update.
or contact our support team