Solved

block .htaccess file

Posted on 2011-09-24
2
373 Views
Last Modified: 2012-05-12
hello,

On my website i give ftp accounts to my visitor, so they can upload there work (mostly images ) , But the problem is they can create an simple php file and delete everything.

The soloution i come for is to block the server-side file, but the can creat an .htaccess file and get the right back to delete files.

i really want to know how to block .htaccess file , or that they can not override that setting.

thank you
0
Comment
Question by:kensy11
2 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 36593742
I think the better way would be to create a PHP upload page instead of offering FTP accounts.  That way it would stay under your control.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 500 total points
ID: 36593806
Yeah I agree with Dave, but if you can't do that for whatever reason, here is how to disable .htaccess in Apache's main config file (httpd.conf).

When the server finds an .htaccess file (as specified by AccessFileName) it needs to know which directives declared in that file can override earlier configuration directives.

AllowOverride is valid only in <Directory> sections specified without regular expressions, not in <Location>, <DirectoryMatch> or <Files> sections.

When this directive is set to None, then .htaccess files are completely ignored. In this case, the server will not even attempt to read .htaccess files in the filesystem.
Ex:

<Directory /ftpuploads>
AllowOverride None
</Directory>
0

Featured Post

Networking for the Cloud Era

Join Microsoft and Riverbed for a discussion and demonstration of enhancements to SteelConnect:
-One-click orchestration and cloud connectivity in Azure environments
-Tight integration of SD-WAN and WAN optimization capabilities
-Scalability and resiliency equal to a data center

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found this questions asking how to do this in many different forums, so I will describe here how to implement a solution using PHP and AJAX. The logical flow for the problem should be: Write an event handler for the first drop down box to get …
Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
The viewer will learn how to dynamically set the form action using jQuery.
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question