yashrs Posted April 16, 2014 Posted April 16, 2014 Link to a page on my website where PHP is getting executed even when the extension is random.1.2.3. : Link Is this the problem with the configuration of Apache with PHP ? Help needed. If I have uploading enabled and I am restricting PHP files then a attacker can upload a file with some other extension and execute PHP on my website. Thanking You,Yash Sodha 1
Ice IT Support Posted April 17, 2014 Posted April 17, 2014 That's strange, Stevie used to only execute PHP in files with the .php extension. In any case, it's probably most secure to filter files with PHP opening/closing tags in addition to filtering the extension.
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now