XOOPS 
Forum
Forum Index General Forums Community Support Modules Support Themes Support Development International Support Module Hack Reviews Theme Designer Talk
  1. Board index / 
  2. XOOPS Modules Support forums / 
  3. Module usage questions 
  4.  / htaccess and uploads dir
Register
1
goffy
htaccess and uploads dir

  • 2016/12/24 9:28

  • goffy

  • Just can't stay away

  • Posts: 543

  • Since: 2010/12/27


hi all

I have problems with access to my uploaded pics in directory ../uploads/images/

in uploads and images directory there is a htaccess file with folloowing content
# secure directory by disabling script execution
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi .php5 .php4 .php3 .phps
Options -ExecCGI -Indexes

these htaccess files are created with default installation of xoops.

How can I solve this?
- delete the htaccess files? (Quick solution, but secure?)
- Do I need addtional settings on my server?
2
geekwright
Re: htaccess and uploads dir

That .htaccess file is for defense in depth. It is supposed to make sure that even if a script file, like a .php file, is uploaded to the directory, it will not be allowed to run.

There are a lot of different ways a sever can be configured, and some of those will throw an error if a .htaccess file is found, especially in a subdirectory.

There are supposed to be other checks along the way that prevent uploading script files, so if it is causing problems, the .htaccess file can be deleted. As an added protection, make sure the directory permissions are as restrictive as possible, i.e. 0755, or 0775.

Login

Register now!  |  Lost Password?

Search

Advanced Search

Recent Posts

Who's Online

382 user(s) are online (294 user(s) are browsing Support Forums)

Members: 0

Guests: 382

more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits