You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Oliver Betz <li...@gmx.net> on 2013/03/14 16:12:39 UTC
[users@httpd] Disallow script execution in directory
Hi,
since there are many ways to configure script interpreters, I'm
looking for a safe and universal way to disallow execution of scripts
in certain directories, i.e. directories where CMS users can upload
files.
I found two settings:
"Options -ExecCGI" - seems to be effective in usual virtual hosting
environments but doesn't help for languages running as module.
"SetHandler default-handler" works also for script languages running
as module.
I'm afraid I overlooked something, could you please rate the options
mentioned above or point me to even better solutions?
I would also like to learn why "SetHandler None" documented in
http://httpd.apache.org/docs/current/mod/core.html#sethandler didn't
make any difference in my experiments.
Thanks in advance,
Oliver
--
Oliver Betz, Munich http://oliverbetz.de/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: Disallow script execution in directory
Posted by Oliver Betz <li...@gmx.net>.
Hello,
was my question inappropriate for this group? Please tell me a better
place in this case.
Thanks in advance,
Oliver
--
Oliver Betz, Munich http://oliverbetz.de/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org