I am using Apache with folder permissions 755.
I am having trouble understanding if this is working. I am trying to allow image files to be uploaded to content folder and prevent the upload of non-image files such as those with a .php extension. I try both of the codes below but they don't stop php files from being uploaded. My content folder is now inside my root directory. Yesterday my content folder was outside of root directory and the php files could not upload or at leased they were not visible.
1. Do I have this wrong, is the purpose of the code below not
to prevent upload but instead to prevent execution of php or other unwanted file types?
2. Do I place this inside the same folder images are in or the parent folder to that. (content/images)?
3. Do I have to restart Apache each time I replace a htaccess file to get the htaccess file to work?
deny from all
<Files ~ "^\w+\.(gif|jpe?g|png)$">
allow from all
Header set Content-Disposition attachment
Header unset Content-Disposition
Header set X-Content-Type-Options nosniff