How can you write rules to redirect all demands to *.php and *.html files in upload/ folder to some text file title forbidden.txt in root www folder. What I am attempting to just do is stopping script execution within this dir by redirecting individuals demands towards the text file

Note: The upload/ folder is accessibly by ftp utilized by someone to upload files and so i cannot place htaccess inside this folder.

Create an .htaccess file at the bottom degree of your website that contains

RedirectMatch ^/upload/.+(html|php)$

You might try switching from the PHP engine for the reason that directory by creating an .htaccess file in /upload/ that contains:

php_value engine off

although you should make sure that people cannot upload files using the title .htaccess

Place your htaccess rules in httpd.conf rather.

If you cannot edit httpd.conf, your best choice would be to not allow web use of that directory whatsoever. Let FTP customers access a folder outdoors of the web directory after which give a mechanism for locating the file contents.

You can title that directory "upload". Then you may have your .htaccess file make demands to /upload/myfile execute upload.php, which finds ../upload/myfile and spits backs its contents. By doing this it appears to customers that they're being able to access the "upload" folder directly, however, you would the amount of control you would like with the PHP script.