NGINX:禁止上传目录执行php文件防止webshell

在apache下做如下设置:
以apache 模块方式运行 PHP
<Directory /www/www.example.com/upload>
php_flag engine off
</Directory>

<Directory ~ "^/www/.*/upload">
 <Files ~ ".php">
 Order allow,deny
 Deny from all
 </Files>
</Directory>

在nginx下做如下设置:
location /upload/ {
location ~ .*\.(php)?$ {
deny all;
}
}


location ~* ^/(attachments|upload)/.*\.(php|php5)$
{
deny all;
}

你可能感兴趣的:(apache,nginx,PHP,Web,webshell)