I've an uploads folder with permissions set to
777 (can't be transformed).
Within this, I allow reliable customers to upload images.
I wish to only allow
.jpg .png and .gif files into this folder.
How do i do that (with .htaccess?)?
EDIT: Someone has stated this isn't secure. For this to become harmful, the hacker would still want to get in to the server to include files in to the directory and execute them, for instance using FTP, so it's not too harmful I believe.
This really is most likely something that's best enforced through the upload script itself -
.htaccess only allows you control what customers can access on the internet server, it does not work on which files are permitted to become produced within the directory.
However, should you do only desire to limit viewing use of certain file types, it can be done:
Order Deny,Allow Deny from all <FilesMatch "\.(gif|jpe?g|png)$"> Allow from all </FilesMatch>
(Observe that it has along side it effect of denying accessibility directory index listing, that you simply might really need. For those who have direct links to any or all the files, it does not matter.)