Move uploads directory outside of the webroot?

the_lar · July 9, 2018, 1:28pm

Hi all,

I’m looking to change the location of my uploads directory so that it is outside of my site’s web root. This is for security purposes. I would like to configure it to be something like /my-custom-uploads-dir/ which is protected by antivirus, then have a .htaccess rule which redirects GET requests to <my_site>/app/uploads/<path_to_file> through an interface which reads the contents from my custom folder, performs checks and presents the safe file back to the requester.

I believe that this is possible, but I’m really not sure about how I would set it up using Bedrock/Sage9, so any help would be really appreciated.

Just as a side note, this also must work with Advanced Custom Fields - I’m pretty sure it will anyway but that forms a fairly crucial part of my toolset.

Many thanks
Kevin

the_lar · July 10, 2018, 8:29am

Hi,

Just a quick bump on this one… I set my UPLOADS constant in application.php:

define('UPLOADS', '../../my-custom-uploads-dir/');

There aren’t any errors on the front end and the cache files are being generated but obviously my media uploads aren’t working properly. I’m sure I’m missing some parts of the configuration, just need to know whether this is possible and how I could get it to work.

Appreciated
Kevin