Hi, since there are many ways to configure script interpreters, I'm looking for a safe and universal way to disallow execution of scripts in certain directories, i.e. directories where CMS users can upload files. I found two settings: "Options -ExecCGI" - seems to be effective in usual virtual hosting environments but doesn't help for languages running as module. "SetHandler default-handler" works also for script languages running as module. I'm afraid I overlooked something, could you please rate the options mentioned above or point me to even better solutions? I would also like to learn why "SetHandler None" documented in http://httpd.apache.org/docs/current/mod/core.html#sethandler didn't make any difference in my experiments. Thanks in advance, Oliver -- Oliver Betz, Munich http://oliverbetz.de/ --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|