[Pmwiki-users] Re: more thoughts on .htaccess

Gunnar Wagenknecht g.wagenknecht
Tue Dec 7 00:44:07 CST 2004


Neil Herber schrieb:
> Please note that I am an Apache newbie and this could be wildly wrong. 
> Can someone confirm or correct please??

I'm also not an Apache expert but I tend to say "it's up to you". If you 
have access to the Apache configuration files then you can do it that 
way. But PmWiki can also be installed on shared webhosting packages 
where clients don't have access to the Apache configuration files.

> Should there be similar protection applied to the "uploads/" directory 
> to keep people from uploading scripts and executing them?

Mhm. If you deny access to the uploads directory nobody can upload files 
to it and nobody can download files from it. It's like not supporting 
uploads. What you wanna do is to disallow some file extensions and to 
downgrade scripts (php) to text files.

AddType text/plain .php

Cu, Gunnar




More information about the pmwiki-users mailing list