1
goffy
htaccess and uploads dir
  • 2016/12/24 9:28

  • goffy

  • Just can't stay away

  • Posts: 543

  • Since: 2010/12/27


hi all

I have problems with access to my uploaded pics in directory ../uploads/images/

in uploads and images directory there is a htaccess file with folloowing content
# secure directory by disabling script execution
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi .php5 .php4 .php3 .phps
Options 
-ExecCGI -Indexes

these htaccess files are created with default installation of xoops.

How can I solve this?
- delete the htaccess files? (Quick solution, but secure?)
- Do I need addtional settings on my server?

2
geekwright
Re: htaccess and uploads dir

That .htaccess file is for defense in depth. It is supposed to make sure that even if a script file, like a .php file, is uploaded to the directory, it will not be allowed to run.

There are a lot of different ways a sever can be configured, and some of those will throw an error if a .htaccess file is found, especially in a subdirectory.

There are supposed to be other checks along the way that prevent uploading script files, so if it is causing problems, the .htaccess file can be deleted. As an added protection, make sure the directory permissions are as restrictive as possible, i.e. 0755, or 0775.

Login

Who's Online

216 user(s) are online (150 user(s) are browsing Support Forums)


Members: 0


Guests: 216


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits