Skip to:
Content
Pages
Categories
Search
Top
Bottom

Sucuri and admin-ajax.php


  • Blake
    Participant

    @bcerecero

    5 years, 4 months ago

    I have an issue where I have https://sucuri.net locking down the wp-admin interface for security purposes to specific IP addresses.

    The BuddyPress plugin profile and cover image upload fields, on the profile page, appear to be using the wp-admin/admin-ajax.php file to upload images to the site. I also have users who log into the site, but only on the front-end of the site. They do not have access to the admin section. These users are not able to upload images since the admin section is locked down.

    One thinking I noticed was that if I disable javascript in my browser for the profile photo upload screen the UI falls back to a PHP based upload mechanism. Is there a way to make the PHP method the default for all forms in BuddyPress so that I don’t have to unlock my admin interface?

    Thank you for any help.

  • You must be logged in to reply to this topic.

Topic Info

Topic Tags

Skip to toolbar