A Simple Way to Protect Your Uploads Folder
I found a simple way to protect folders that need to be writable. Its a simple htaccess file placed in the writable folder that disallows a script such as PHP, Pearl or the like from being executed.
Here’s the contents of the htaccess file:
AddType text/plain .pl .cgi .php .html .asp
It’s that simple. This line causes Apache to treat any files with extensions found in that list as if they were text files an thus making them not executable.
If you have custom extensions set up in your Apache configuration file, just add those extensions to the list and you should be good.
Obviously, if you have a script that is located in that folder, you would need to move it somewhere else and update it to accommodate for its new location. It is never a good idea to place your scripts inside a writable folder anyway.
Similar Posts:
Leave a comment
 |
 |
|
Site Sponsors
Recent Posts
Archives
- January 2010 (2)
- December 2009 (1)
- May 2009 (1)
- December 2007 (1)
- November 2007 (1)
- October 2007 (1)
- September 2007 (3)
- August 2007 (6)
- July 2007 (1)
- June 2007 (3)
- December 2006 (1)
- November 2006 (3)
- October 2006 (2)
- August 2006 (1)
- July 2006 (2)
- June 2006 (3)
- May 2006 (1)
- March 2006 (4)
- February 2006 (2)
- January 2006 (1)
- December 2005 (7)
- November 2005 (7)