Prevent PHP scripts from executing in a directory

If you want to prohibit the execution of PHP scripts in a directory, for example, in /uploads/, you need to put the .htaccess file there with the following content:

php_flag engine 0
RemoveHandler .phtml .php .php2 .php3 .php4 .php5 .php7 .phps .cgi .pl .asp .aspx .shtml .shtm .fcgi .fpl .htm .html
AddType text/plain .phtml .php .php2 .php3 .php4 .php5 .php6 .php7 .phps .cgi .pl .asp .aspx .shtml .shtm .fcgi .fpl .htm .html
htaccess

If it doesn't work, then there is another option:

<FilesMatch "\.*">
SetHandler none
</FilesMatch>
htaccess

To check whether PHP scripts are really not being executed, you need to place the test.php file in the same directory with the following content and run it in the browser.

<?php echo 1; ?>
PHP

As a result, PHP code should be displayed in the browser:

08.10.2016, updated 21.02.2021
72

Comments

to add a comment.

Other publications