Last active
June 9, 2016 11:14
-
-
Save aufa/2097daac1d02e4e58d4f2c818210bdf1 to your computer and use it in GitHub Desktop.
Upload to your directory that not allowed to exec behaviour script (apache only)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Deny First | |
| Deny from all | |
| # Does not allow access executable files | |
| # Allow only if not an executable / static resource | |
| # that allow to be access | |
| # note : | |
| # ?i: = hat means incase sensitive | |
| # (?!( = start except of current regex | |
| # Below setting is affected to : | |
| # .php(or anything on next), .inc, cgi(or anything on next)|any .(s?)html(s?) / .phtml(s?) file | |
| # .log / .logs| .exe(c?) | .sh(ell)? | .msi | .(s?)bin | .cmd | .ini | .(p?)env | |
| # if you want allow html executed on site | |
| # `s?p?s?html?` = change to `phtmls?` phtml is an php + html file | |
| # it will be allow html, shtml, htm will be execute | |
| <Files ~ "\.(?i:(?!(php(.+)?|inc|cgi(.+)?|s?p?s?html?s?|logs?|exec?|msi|sh(ell)?|s?bin|cmd|ini|p?env)))"> | |
| Allow From All | |
| </Files> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment