Difference between revisions of "Securing apache upload folders"

From Notes_Wiki
Latest revision as of 07:27, 6 March 2022


To secure Apache upload folders from script execution, use:

   php_flag engine off
   Options -ExecCGI

in a .htaccess file in the upload folder.

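This is important because Apache treats a file with a .php.jpeg extension as executable: when the PHP handler is mapped by extension (for example with AddHandler), mod_mime looks at every extension in the file name, not only the last one. So if the upload code only checks that file names end with .jpeg, an attacker can easily upload his/her code and then execute the desired commands.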
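As a complement to the .htaccess settings, the upload code itself can reject names the way mod_mime would read them. The following is an added example, not part of the original note; the extension lists and the function names are assumptions to adapt to your own configuration.

```python
import os
import tempfile

# Assumption: extensions your Apache configuration maps to a script handler.
# Adjust to match the AddHandler/AddType lines actually in use.
SCRIPT_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml", "pl", "py", "cgi"}
ALLOWED_FINAL_EXTENSIONS = {"jpeg", "jpg", "png", "gif"}


def is_safe_upload_name(filename):
    """Return True only if no extension in the name maps to a script handler.

    Mirrors how mod_mime reads names: every dot-separated part after the
    base name counts as an extension (case-insensitive), not just the last.
    """
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or name.startswith("."):  # rejects ".htaccess", ".php", ""
        return False
    extensions = name.lower().split(".")[1:]
    if not extensions or extensions[-1] not in ALLOWED_FINAL_EXTENSIONS:
        return False
    return not any(ext in SCRIPT_EXTENSIONS for ext in extensions)


def audit_upload_dir(path):
    """List files already in an upload tree whose names fail the check."""
    flagged = []
    for root, _dirs, files in os.walk(path):
        for f in files:
            if f != ".htaccess" and not is_safe_upload_name(f):
                flagged.append(os.path.relpath(os.path.join(root, f), path))
    return sorted(flagged)


def demo():
    """Build a constructed upload folder and return the audit result."""
    with tempfile.TemporaryDirectory() as d:
        for name in ["cat.jpeg", "shell.php.jpeg", "notes.PHP.jpg", ".htaccess"]:
            open(os.path.join(d, name), "w").close()
        return audit_upload_dir(d)


if __name__ == "__main__":
    print(demo())
```

Run `audit_upload_dir` against an existing upload folder to find files that were accepted before the name check was in place.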

For extreme protection, set the permissions on the .htaccess file such that the user Apache runs as cannot read it. This would cause Apache to generate =500 Internal Server Error= whenever the directory is accessed. This method is future-proof and protects against all languages, not just PHP.


