It’s often required to block access to files in a folder by the file extension. For example – customer has an outdated version of oscommerce that they refuse to upgrade. It requires the images folder to have the permissions 777. The only thing that should be stored in the folder is images. To ensure a script kiddie doesn’t upload php/html files and run them we’ll often add the following to the .htaccess file within the folder:
order deny,allow
deny from all
order deny,allow
deny from all
order deny,allow
deny from all
order deny,allow
deny from all
order deny,allow
deny from all
This stops script kiddies from uploading hacking scripts and then loading them in their browser.
facebook
twitter
LinkedIn