网络营销电子商务研究中心

网络营销电子商务研究中心 (https://www.0058.net/index.php)
-   Discuz/SupeSite/X-Space (https://www.0058.net/forumdisplay.php?f=10)
-   -   禁止X3.1的 上传的 附件、图片的目录运行php (https://www.0058.net/showthread.php?t=4618)

topvip 2014-01-07 07:35 PM
禁止X3.1的 上传的 附件、图片的目录运行php
 
新建一个.htaccess文件, 内容如下:
Code:
# deny *everything*
<FilesMatch ".*">
  Order Allow,Deny
  Deny from all
</FilesMatch>

# but now allow just *certain* necessary files:
<FilesMatch ".*\.(jpe?g|JPE?G|gif|GIF|png|PNG|swf|SWF)$" >
  Order Allow,Deny
  Allow from all
</FilesMatch>

IndexIgnore */*


## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
AddHandler cgi-script .php .pl .py .rb .jsp .asp .htm .shtml .sh .cgi
Options -ExecCGI
上传到data/attachment/forum下就可以了.


All times are GMT +8. The time now is 03:08 PM.

Powered by vBulletin Version 3.8.7
Copyright ©2000 - 2026, Jelsoft Enterprises Ltd.