Answer the question
In order to leave comments, you need to log in
A
A
Aricus2020-10-24 17:46:24
Aricus, 2020-10-24 17:46:24
How to prevent the execution of files in .htaccess in a folder on the server?
I have a site on a local xampp server. For security reasons, I try to prohibit the execution of all files, except for pictures, in the folder where site users upload files. It is necessary that these files can only be downloaded. I write in .htaccess :
ForceType application/octet-stream
<FilesMatch ".gif$
ForceType image/gif
</FilesMatch>
<FilesMatch ".jpe?g$
ForceType image/jpeg
</FilesMatch>
<FilesMatch ".png$
ForceType image/png
</FilesMatch>However, when I write the path to the file in the browser, I get a 500 error, both for the .php file and for the .png image. When I try to download, it says "Error: server problem.", And in the picture the extension was replaced by .htm, although I wrote correctly in the download link.
1 answer(s)
@shambler81
V
Viktor Taran, 2020-10-27 @shambler81
<IfModule mod_mime.c>
<Files ~ \.(php|php3|php4|php5|php6|phtml|pl|asp|aspx|cgi|dll|exe|shtm|shtml|fcg|fcgi|fpl|asmx|pht|py|psp|rb|var)>
SetHandler text/plain
ForceType text/plain
</Files>
</IfModule>
<IfModule mod_php5.c>
php_flag engine off
</IfModule>
Similar questions
K
A
T
G
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question