Last active
August 4, 2017 10:20
-
-
Save barryvdh/8f189c0145f69f76b77a99e579973d98 to your computer and use it in GitHub Desktop.
Disable PHP execution
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Turn off all options we don't need. | |
| Options None | |
| Options +FollowSymLinks | |
| # Set the catch-all handler to prevent scripts from being executed. | |
| SetHandler Security_Do_Not_Remove_This_Line | |
| <Files *> | |
| # Override the handler again if we're run later in the evaluation list. | |
| SetHandler Security_Do_Not_Remove_This_Line | |
| </Files> | |
| # If we know how to do it safely, disable the PHP engine entirely. | |
| <IfModule mod_php5.c> | |
| php_flag engine off | |
| </IfModule> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location ^~ /storage/ { | |
| access_log off; | |
| expires 30d; | |
| add_header Pragma public; | |
| add_header Cache-Control "public"; | |
| # Prevent php files from being accessible in this location | |
| location ~ \.php$ { | |
| return 403; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment