Solved

How to disable php in a directory used for file uploads?

Posted on 2008-10-30
4
592 Views
Last Modified: 2013-12-13
Within a hosting account at Godaddy, I have 15 domains running, each in a subdirectory off the host root.  In addition, there are subdirectories off the root for various ftp accounts.  I need to make sure no one can run php scripts or do anything else potentially damaging from within any of those ftp file upload directories.  Right now, there is nothing to stop people from uploading nasty php and causing problems for my host setup.

Godaddy tech support stated the php.ini and/or htaccess files can control the availability of php on those directories.  Their advice was to google this, but I have been unable to find an explanation for how to do what I need.  Hence, I need to put down points to get help with this.  :-)

I am thinking the information I need must be pretty simple, something like,

"put 'yidda blong bling' into htaccess within the directories you want php turned off, plus do this other thing in php.ini file."

A simple explanation for how to do what I need here would be extremely valuable to me right about now.  As always, any information, comments, suggestions will be extremely much appreciated.

I use php, mysql all the time, but never got a handle on htaccess before.  I have tweaked a few things in php.ini.  Thanks in advance.
0
Comment
Question by:Danimal
  • 2
4 Comments
 
LVL 17

Accepted Solution

by:
psimation earned 75 total points
Comment Utility
0
 
LVL 17

Expert Comment

by:psimation
Comment Utility
PS, the link mentions changes to your httpd.conf file - if you have apache server and you can add .htaccess, then you can add this to a .htaccess file and dont need to edit httpd.conf ( which godaddy will probably not allow anyway)
0
 
LVL 1

Author Closing Comment

by:Danimal
Comment Utility
Excellent, exactly what the dr. ordered.  
0
 

Expert Comment

by:Robert_Lawson_Brown
Comment Utility
As of January 25, 2011, the link given above appears to dead.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Introduction Many web sites contain image galleries; a common design for these galleries includes a page with a collection of thumbnail images.  You can click on each of the thumbnail images to see the larger version of the image.  This is easily i…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to dynamically set the form action using jQuery.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now