Welcome to WebmasterWorld Guest from 18.208.186.19

Forum Moderators: Ocean10000 & phranque

Message Too Old, No Replies

htaccess question or CHMOD

Unsure....

     
1:12 pm on Jan 20, 2004 (gmt 0)

New User

10+ Year Member

joined:Aug 1, 2003
posts:3
votes: 0


Hello people. Right this is a wierd question so please bear with me.. I allow users to upload there submissions to there website, I am scared I am going to get a muppet upload a PHP script and in theory delete or cause damage. If the user guessed the URL to the file he could that script and the damage could start What CHMOD could I put the file so it would Download but no Execute. This Senerio is only in one file so any help is welcome

CHMOD or HTAccess would be the best way for me. Any ideas people.

Thanks for your help

Chris Olver

1:55 pm on Jan 20, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 22, 2002
posts:1751
votes: 0


In .htaccess in the upload directory, add this:

RemoveType .php

That should prevent php-scripts from being parsed in that directory and all directories beneath it. Add lines for each php-extension; i.e. if your server is set to parse .php3 as well, you'll need to add
RemoveType .php3