More on Apache and nginx upload directories without execute permission

2010-05-16T00:00:00
ID MYHACK58:62201026939
Type myhack58
Reporter Anonymous
Modified 2010-05-16T00:00:00

Description

I won't go into why the upload directory should have no execute permission. The popular web servers today are IIS, Apache and nginx, and the operating system is either Windows or *nix. Let's look at two configurations commonly used to remove execute permission from the upload directory. The first is for Apache:

    <Directory "/var/www/upload">
        <FilesMatch ".php">
            Order Allow,Deny
            Deny from all
        </FilesMatch>
    </Directory>

There are also nginx configurations online for an upload directory without execute permission:

    location ~ ^/upload/.*\.(php|php5)$ {
        deny all;
    }

On the surface these configurations look fine, and under Windows they indeed are. But *nix is different: as everyone knows, *nix operating systems are case-sensitive, so changing the extension to an uppercase variant such as .phP bypasses the rule. Here is my personal workaround:

    <Directory "/var/www/upload">
        # (?i:...) is an inline-modifier group: i makes the match case-insensitive,
        # and the regular expression follows the colon.
        <FilesMatch "(?i:.php)">
            Order Allow,Deny
            Deny from all
        </FilesMatch>
    </Directory>

This means that in the /var/www/upload directory all PHP files, matched case-insensitively, are refused under the Order Allow,Deny rule, so they cannot be executed. The same approach can also be applied to nginx. Note: st0p has written an article specifically about this regular-expression usage; if you do not understand the regex, you can refer to:

http://www.st0p.org/blog/archives/view-of-a-regular-expression.html
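The following audit script is an added example, not part of the original article. It checks which PHP-named request paths each rule on this page fails to deny. It assumes Python's `re` module is a close enough stand-in for the servers' regex engines for these patterns, models nginx's case-insensitive `location ~*` modifier as the nginx counterpart of the fix, and uses constructed sample paths.

```python
import posixpath
import re

# Patterns copied from the configurations on this page.
APACHE_ORIGINAL = r".php"        # <FilesMatch ".php">
APACHE_FIXED = r"(?i:.php)"      # <FilesMatch "(?i:.php)">
NGINX_LOCATION = r"^/upload/.*\.(php|php5)$"

def apache_denies(pattern, uri):
    """FilesMatch applies an unanchored regex to the file name only."""
    return re.search(pattern, posixpath.basename(uri)) is not None

def nginx_denies(pattern, uri, ignore_case=False):
    """`location ~` is case-sensitive; `location ~*` ignores case."""
    flags = re.IGNORECASE if ignore_case else 0
    return re.search(pattern, uri, flags) is not None

def is_php_name(uri):
    """Case-insensitive extension check, used as the audit baseline."""
    return re.search(r"\.php5?$", uri, re.IGNORECASE) is not None

def audit(uris):
    """Return, per rule, the PHP-named URIs that the rule fails to deny."""
    rules = {
        "apache_original": lambda u: apache_denies(APACHE_ORIGINAL, u),
        "apache_fixed": lambda u: apache_denies(APACHE_FIXED, u),
        "nginx_tilde": lambda u: nginx_denies(NGINX_LOCATION, u),
        "nginx_tilde_star": lambda u: nginx_denies(NGINX_LOCATION, u, True),
    }
    php = [u for u in uris if is_php_name(u)]
    return {name: [u for u in php if not rule(u)]
            for name, rule in rules.items()}

# Constructed sample request paths (hypothetical, not from the article).
SAMPLE_URIS = [
    "/upload/a.php",
    "/upload/b.phP",
    "/upload/c.PHP5",
    "/upload/img/d.Php",
    "/upload/e.jpg",
]

if __name__ == "__main__":
    for rule, missed in audit(SAMPLE_URIS).items():
        print(f"{rule:18} misses {missed}")
```

An empty list for a rule means every PHP-named path in the sample is denied by it.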

Another method that we have used:

    <Directory "/var/www/upload">
        php_admin_flag engine off
    </Directory>

By contrast, I'm still optimistic about a method.