Page 1 of 1

Deny directory execute permission

PostPosted: 26. July 2010 20:05
by kmukund87
Hi everyone,
I am creating an upload script for people to upload files to my website. Obviously I dont want them to upload some scripts. I want my server to give permission to users to access those files but not want the php or pearl server to execute the files.
I want to read and write permission but no execute permissions for files in a particular directory.
How do i do this?

Thanks in advance

Re: Deny directory execute permission

PostPosted: 01. August 2010 18:27
by JonB
you will need to either

A - create a .htaccess file [placed in the desired folder(s)]

or

B - make changes in the Apache .conf files (with DIrectory entries). Probably apache\conf\extra\httpd-xampp.conf or httpd-vhosts.conf, depending on your setup.

that either disable the 'handlers' or treat the files as a different MIME type in the upload folders.

I think I saw in another topic you are going to use a regex to ensure you are only receiveing (uploading) files with the right MIME types (extensions). That, plus the right Apache directives to prevent execution will cover most problems. :mrgreen:

very good article -
http://codex.wordpress.org/htaccess_for_subdirectories

Good Luck
8)