You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Al Andersen <ap...@viajante.com> on 2002/02/18 02:30:34 UTC

Uploaded Files Executable?

I'm using Apache 1.3.23, Linux, and PHP to handle my web content. I provide 
links on some of my web pages for users to download files.

My problem is PHP files. If a user clicks on the link, the PHP file is 
executed, even though the actual file is stored outside of the document root.

For example, a file containing <?php phpinfo(); ?> will execute if offered up 
on the web page as link and clicked on.

What do I need to do to prevent this?

-Al Andersen

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org