Jump to content

What does this .htaccess do?


DeX

Recommended Posts

I need a file upload tool so I checked out the Blue Imp project on GitHub and everything works fine if I comment out all the lines in the .htaccess file. If I leave the lines in, I get an error when trying to view the file on my server. Commenting them out allows me to view the file no problem.

 

Here is the error I get when I leave the .htaccess file alone:

 

 

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at [no address given] to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Apache/2.4.18 (Ubuntu) Server at development.********.ca Port 80

 

Here is the .htaccess file, the default file that came with the project:

# The following directives prevent the execution of script files
# in the context of the website.
# They also force the content-type application/octet-stream and
# force browsers to display a download dialog for non-image files.
SetHandler default-handler
ForceType application/octet-stream
Header set Content-Disposition attachment

# The following unsets the forced type and Content-Disposition headers
# for known image files:
<FilesMatch "(?i)\.(gif|jpe?g|png)$">
	ForceType none
	Header unset Content-Disposition
</FilesMatch>

# The following directive prevents browsers from MIME-sniffing the content-type.
# This is an important complement to the ForceType directive above:
Header set X-Content-Type-Options nosniff

# Uncomment the following lines to prevent unauthorized download of files:
#AuthName "Authorization required"
#AuthType Basic
#require valid-user

I first tried it with a file named 035.JPG and I thought maybe it had a problem with the file extension so I tried it again with uploading 035.jpg. That didn't work so I tried again with a different image named studio.png (Android Studio logo) and they all act the same. All files are very small thumbnails. My goal here is to keep the security of the file but allow my users to view the images they upload.

Link to comment
Share on other sites

Just to clarify, I needed an image uploader tool so I decided to use this GitHub project I found. It works great with image uploads on my server except for this error I'm getting because of the .htaccess file. The error happens when I try and view the image uploaded through the tool. Commenting out the lines in the file makes everything work perfectly but I want to leave them in if they're a security measure.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.