Welcome to the Question2Answer Q&A. There's also a demo if you just want to try it out.
+1 vote
in Q2A Core by
Wordpress.org has a nice section on Hardening Wordpress detailing which directories can be "deny to all" etc on the apache server. Does one exist for Q2A?

What is the minimum public folder access required to have a functioning site but still be closed for file writes by less than favourable surfers?

I presume the plugins directory should be read only to apache and owner for a start. I also dont allow avatar or image uploads.
Q2A version: 1.6.1

Please log in or register to answer this question.