How can you write rules to redirect all demands to *.php and *.html files in upload/ folder to some text file title forbidden.txt in root www folder. What I am attempting to just do is stopping script execution within this dir by redirecting individuals demands towards the text file
Note: The upload/ folder is accessibly by ftp utilized by someone to upload files and so i cannot place htaccess inside this folder.
Create an .htaccess file at the bottom degree of your website that contains
RedirectMatch ^/upload/.+(html|php)$ http://www.yoursite.com/forbidden.txt
You might try switching from the PHP engine for the reason that directory by creating an .htaccess file in /upload/ that contains:
php_value engine off
although you should make sure that people cannot upload files using the title .htaccess
Place your htaccess rules in httpd.conf rather.
If you cannot edit
httpd.conf, your best choice would be to not allow web use of that directory whatsoever. Let FTP customers access a folder outdoors of the web directory after which give a mechanism for locating the file contents.
You can title that directory "upload". Then you may have your
.htaccess file make demands to
upload.php, which finds
../upload/myfile and spits backs its contents. By doing this it appears to customers that they're being able to access the "upload" folder directly, however, you would the amount of control you would like with the PHP script.