• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

¿How disable PHP execution in certain directories with plesk?

pintalabios

New Pleskian
Hi

I have a plesk 12.5 on CentOS 6.7 (Final)

I am using Plesk Panel

I want to disable PHP execution in certain directories of a website

I tried some things like 1 and 2

1) INSIDE Additional Directives for Apache for the Domain directory selected

<Directory "/var/www/vhosts/MY_DOMAIN/httpdocs/MY_DIRECTORY">
Options -ExecCGI
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi

RemoveHandler .php .phtml .php3
RemoveType .php .phtml .php3
php_flag engine off

</Directory>

and is not working

2) INSIDE Additional Directives for php, for the Domain selected

[PATH=/var/www/vhosts/MY_DOMAIN/httpdocs/MY_DIRECTORY]
engine = off

and is not working either

NOTE: The only that is working is

<filesmatch ".(htaccess|htpasswd|ini|php|fla|psd|log|sh|pl|py|html|jsp|asp|shtml|htm|cgi)$">
Order Allow,Deny
Deny from all
</filesmatch>

BUT I DON'T WANT ONLY THIS

Thanks for suggestions ^_^
 
I just wonder what is the purpose for disabling PHP in some folders and allowing in others?
 
Hi

I was recently hacked in a website :(

One hacker put a backdor within an image that had php code inside

look that

YOU MUST secure all directories when a user can upload images or another file.

Search in google "image Exif backdoor" for more info

This is why i search to NO ALLOW php or execution of another language how pyton ... on some directories ;)

Best
 
Back
Top