A Simple Way to Protect Your Uploads Folder
I found a simple way to protect folders that need to be writable. Its a simple htaccess file placed in the writable folder that disallows a script such as PHP, Pearl or the like from being executed.
Here’s the contents of the htaccess file:
AddType text/plain .pl .cgi .php .html .asp
It’s that simple. This line causes Apache to treat any files with extensions found in that list as if they were text files an thus making them not executable.
If you have custom extensions set up in your Apache configuration file, just add those extensions to the list and you should be good.
Obviously, if you have a script that is located in that folder, you would need to move it somewhere else and update it to accommodate for its new location. It is never a good idea to place your scripts inside a writable folder anyway.
Similar Posts:
- How to Oust Unwanted Spiders
- PHP and Paypal
- Flash on Top of Flash
- Simple Sharing Extensions (SSE) from Microsoft
- Affiliate Programs are Cool
If you enjoyed this post, please consider leaving a comment or subscribe to the feed and get future articles delivered to your feed reader.
