Protect chmod 777 folders

Sometimes linux hosting users need to change the permissions on a folder to use upload scripts or other applications that need this permissions.

With chmod 777 ther folder gain the rights: writing / execute and read for everyone. Hackers like this folders.

How can you protect that folders?
You can turn PHP off on that folder and disable php / html / perl files.

How can it be done?
Create this .htaccess in the folder:

php_flag engine off
<Files ~ "\.(php*|s?p?html|cgi|pl)$">
deny from all
</Files>

Thats it, you just increased the security level on this folders.

6:29 AM | Tags: , , |

This entry was posted on 6:29 AM and is filed under apache , php , security . You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

0 Comments:

Post a Comment

Subscribe to: Post Comments (Atom)