Hello,I have my Apache main directory: /www (<Directory /www> / DocumentRoot /www)
In this directory and its subdirectories *.php files get executed by php.In the subdirectory /www/publications (and recoursly in its subdirectories) I allow people (relatively trustworthy!) on the filesystem to drop publications, documentations e.g. which are referenced by a database as path+filename to the files. php then produces with this database information www-pages with html-links to these files.
If people drop *.php files as documentation for the source code(!) in /www/publications these *.php scripts get executed, too. Dangerously(!) and no documentation for the source code.
Therefore I want that no *.php files get executed within /www/publications . It should be stupidely delivered like a *.html file.
I already managed this by a .htaccess file with the entry "php_flag engine off".
But the .htaccess file could be deleted or .htaccess files with "php_flag engine on" could get put in another subdirectory. :-(
Therefore: a) I want to put the "php_flag engine off" in the apache2.conf.b) Add an "AllowOverride" in this apache2.conf that allowes ONLY no switching OF THE "PHP_FLAG ENGINE OFF" in this directory or any subdirectory. (But I have to be able to use a .htaccess in these directories with e.g. "Options +Indexes"!)
Does anyone of you have an idea how to implement this in the apache2.conf? Sincerely Klaus --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|