[pmwiki-users] Disallow scripts in upload directories

Petko Yotov 5ko at 5ko.fr
Sat Mar 23 14:16:43 CDT 2013

Oliver Betz writes:

> Petko Yotov wrote:
> >One of the shared hostings I can test appears to have no way to prevent the
> >execution of a file.php.txt. They have some custom modified version of
> >Apache with PHP/FastCGI and "Options -ExecCGI" does nothing,
> >"SetHandler ...", "AddType ...", "ForceType ..." and other suggested
> >solutions cause internal server error.
> server error always or only for file.php.txt? The latter would be
> better than nothing.

Server error always: for all files in the directory - php, jpg, txt...

Slight correction: AddType also does nothing on that shared hosting.


More information about the pmwiki-users mailing list