block .htaccess file

hello,

On my website i give ftp accounts to my visitor, so they can upload there work (mostly images ) , But the problem is they can create an simple php file and delete everything.

The soloution i come for is to block the server-side file, but the can creat an .htaccess file and get the right back to delete files.

i really want to know how to block .htaccess file , or that they can not override that setting.

thank you
kensy11Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
PapertripConnect With a Mentor Commented:
Yeah I agree with Dave, but if you can't do that for whatever reason, here is how to disable .htaccess in Apache's main config file (httpd.conf).

When the server finds an .htaccess file (as specified by AccessFileName) it needs to know which directives declared in that file can override earlier configuration directives.

AllowOverride is valid only in <Directory> sections specified without regular expressions, not in <Location>, <DirectoryMatch> or <Files> sections.

When this directive is set to None, then .htaccess files are completely ignored. In this case, the server will not even attempt to read .htaccess files in the filesystem.
Ex:

<Directory /ftpuploads>
AllowOverride None
</Directory>
0
 
Dave BaldwinFixer of ProblemsCommented:
I think the better way would be to create a PHP upload page instead of offering FTP accounts.  That way it would stay under your control.
0
All Courses

From novice to tech pro — start learning today.