jokerfool Posted December 5, 2011 Share Posted December 5, 2011 Can someone shed some light on my htaccess file and tell me the best way to prevent people from uploading any type of file please. Here is the file, isn't this already telling the server to not allow these file types to be uploaded, yet somehow they're still allowed too, im totally confused and any help would be appreciated please, thank you. Options +FollowSymLinks RewriteEngine on RewriteCond %{REQUEST_METHOD} ^PUT$ [OR] RewriteCond %{REQUEST_METHOD} ^MOVE$ RewriteRule ^/(.*)\.php /files/$1.nophp RewriteRule ^/(.*)\.html /files/$2.nohtml RewriteRule ^/(.*)\.htm /files/$3.nohtm RewriteRule ^/(.*)\.doc /files/$4.nodoc RewriteRule ^/(.*)\.txt /files/$5.notxt RewriteRule ^/(.*)\.tpl /files/$6.notpl RewriteRule ^/(.*)\.csv /files/$7.nocsv RewriteRule ^/(.*)\.exe /files/$8.noexe RewriteRule ^/(.*)\.dll /files/$9.nodll Quote Link to comment Share on other sites More sharing options...
btellez Posted December 5, 2011 Share Posted December 5, 2011 After a quick google, It appears, the file uploads are allowed, but the file extension would be changed according to the rules you set in your htaccess file. So .php files would get a .nophp extension instead, this keeps them from being executed on the server. Does that aspect of the .htaccess work on your server?? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.