Blocking access to php on upload directories Apache Security Webservers

This is going to be the very first post in the series,

Apache hosting with vHosts and hardening the apache webserver for max security

There are directories on your php projects where you don’t want exploiters to upload php script and in case somehow they manage to upload the php scripts, they should not be executed.

You can place the following code to do exactly the same

Blocking access to php on upload directories with .htaccess

Just create a .htaccess file in your uploads directory to block execution of any php file in the directory.

<IfModule mod_php5.c>
php_flag engine 0
</IfModule>
<IfModule mod_php7.c>
php_flag engine 0
</IfModule>
AddHandler cgi-script .php .phtml .php3 .pl .py .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
<Files "*.*">
SetHandler !
</Files>

Blocking access to php on upload directories with .htaccess#

Blocking access to php on upload directories with .htaccess