LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   how to secure the upload (https://www.linuxquestions.org/questions/linux-security-4/how-to-secure-the-upload-160255/)

abd_bela 03-20-2004 01:07 PM
how to secure the upload
 
Hi,
I drive my web server with apache/php, and permit to the users who have a count to upload , the users are declared nologin.
Unfortunatly then can upload a php program for example , and run it, and can see every thing in my disk. because the php application is running by apache.
How to deny the execution of the php program, is there something in apache config ? , the problem is that toexecute a php program you only need read permission, and if you remove the read permission nobody can download the file.
Ok , there is a possibility , change the extension or add another one like for exemple txt. May be better solution exists.
thanks for help
bela

markus1982 03-20-2004 09:28 PM
In your VirtualHost area put

Code:
<Location /nophp>
php_admin_value engine 0
</Location>

abd_bela 03-21-2004 12:01 PM
thank you,
in fact I have not define a virtual host
any way I 'll try to check it
thanks again
bela


All times are GMT -5. The time now is 04:05 PM.