Answer the question
In order to leave comments, you need to log in
R
R
Rodion Yurchenko2018-06-05 18:55:01
Rodion Yurchenko, 2018-06-05 18:55:01
Is it possible to secure the upload of files to the server using the execution prohibition?
Good afternoon
I'm looking for the best way to secure the upload of images to the server
While I was looking, I came across many options from the category - to prohibit the execution of scripts in a folder, or upload images to a separate subdomain and again prohibit them from doing anything, or store files outside the site root, etc.
I don't I say that all these options are bad, I just have a question, why can't you just put rights like 644 on it when uploading a file, and that's it?
Yes, all sorts of not good scripts will be lying in the folder, and so on - but you can’t execute them - let them lie
Tell me - where am I wrong?
2 answer(s)
@aassdds
@shambler81
A
Alexey Sundukov, 2018-06-06 @aassdds
First, decide what problem you are solving. Who is he trying to protect and why?
V
Viktor Taran, 2018-06-06 @shambler81
You can, in the right folder, create a .htaccess file
<IfModule mod_mime.c>
RemoveHandler .php .php3 .php4 .php5 .php6 .phtml .pl .asp .aspx .cgi .dll .exe .shtm .shtml .fcg .fcgi .fpl .asmx .pht
AddType text/plain .php .php3 .php4 .php5 .php6 .phtml .pl .asp .aspx .cgi .dll .exe .shtm .shtml .fcg .fcgi .fpl .asmx .pht
</IfModule>
<IfModule mod_php5.c>
php_flag engine off
</IfModule
Similar questions
S
S
R
H
K
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question