Results 1 to 2 of 2
Feb 20, 2012, 17:10 #1
- Join Date
- Jan 2007
- 1 Post(s)
- 0 Thread(s)
Preventing a hacker from uploading a file / prevent from executing
I just found a few malicious files in the upload folders on my site. Is there a way to limit what types of files can be uploaded with htaccess or at least prevent php files from executing in certain directories?
Feb 20, 2012, 17:28 #2
If you had a folder /upload, you would put it at /upload/.htaccess,
within the file.
Note: Disable_All_File_Execution means nothing, you're basically setting "SetHandler" directive to an invalid handler, so that files aren't executed.
The next step after this, is to prevent users from uploading malicious files in the first place.