Hi all, I have a webserver where the users homes are copied to a folder, and I want to assume that users can not make a script (for instance .php) to let upload files.
In my httpd config file i have this directive that assumed it was enough, but now i saw that people can still upload files with some .php scripts that users have in their home. <Limit GET POST OPTIONS PROPFIND> Order allow,deny Allow from all </Limit> <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK> Order deny,allow Deny from all </Limit> What configuration directive can i insert in the config file to don't allow users could upload files to their homes through php scripts (move_uploaded_file) Best regards, Hugo Gomes -- ************************************************* Hugo Gomes LIP Av. Elias Garcia 14, 1ยบ 1000-149 Lisboa, Portugal Telef.: +351- 217 998 587 URL: http://www.lip.pt E-mail: h...@lip.pt ************************************************* --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org