httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Pasher <just...@newmediagateway.com>
Subject Re: [users@httpd] Doubt about disabling access to PHP files
Date Fri, 13 Mar 2009 18:47:56 GMT
Leandro Silva wrote:
> Hi,
>
> In the company where I work, we have a windows server with apache/php 
> instaled with a shared folder in our network. The workers of company 
> can put any file on this folder to be visible at the internet through 
> the http protocol. We are having a problem because they can put PHP 
> files on this folder and these files are executed by the CGI/PHP.
>
> I can not desinstall the PHP because I have other files at specific 
> URLs wich have to be executed by the CGI/PHP.
>
> Anyone knows how to deny access to PHP pages at only one folder?

Do you just want to prevent the file from running using the PHP handler 
or prevent download access completely? If you want to accept PHP files, 
but have them treated as text instead, you can override the file type 
for specific directories.

<Directory /some/dir/here>
    AddType text/plain .php
</Directory>

Otherwise you can do as Andre suggested to completely block access to 
the files.

-- 
Justin Pasher

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message