Apache – Secure upload directories

It’s very important to secure directories which are being used as the destination dir for web uploads. You can do this by adding the following entries into the .htaccess file: Options -Indexes AddHandler cgi-script .php .php3 .php4 .php5 .phtml .pl .py .jsp .asp .htm .shtml .sh .cgi .txt Options -ExecCGI Just a small step to miss, but the impact may be huge. PS: Make sure that no directories...

August 6th, 2010 by Akhthar Parvez 

PHP error – URL file-access is disabled in the server configuration

If you get the following error while accessing a PHP script URL file-access is disabled in the server configuration Add the following into the .htaccess file for the particular website to get this work. php_flag allow_url_include Off Note: However, it’s highly recommended to keep allow_url_include disabled as it would be a security risk otherwise. This function allows remote files to be executed...

January 17th, 2010 by Akhthar Parvez