Diffstat (limited to 'src/uploads/.htaccess')
-rw-r--r--src/uploads/.htaccess5
1 files changed, 5 insertions, 0 deletions
diff --git a/src/uploads/.htaccess b/src/uploads/.htaccess
new file mode 100644
index 0000000..c53904e
--- /dev/null
+++ b/src/uploads/.htaccess
@@ -0,0 +1,5 @@
+# deny common executable/script payloads in uploads
+<FilesMatch "\.(php|phtml|php[0-9]?|phar|cgi|pl|py|sh)$">
+ Require all denied
+</FilesMatch>
+Options -ExecCGI
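Review bot: The `FilesMatch` pattern is case-sensitive and anchored to the final extension, so names such as `name.PHP` or `name.php.jpg` do not match it. Where the interpreter is mapped through mod_mime (`AddHandler`/`AddType`), extension matching is case-insensitive and considers every extension in the name, so such files may still be handed to the interpreter. I would write the opening line as `<FilesMatch "(?i)\.(php[0-9]?|phtml|phar|cgi|pl|py|sh)(\.|$)">`, which also drops the redundant `php` alternative. The list is a blocklist and the file only takes effect if `AllowOverride` permits it for this directory; a comment saying so, and that the upload handler must reject a file named `.htaccess`, would help the next maintainer.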