Resolved Prevent PHP-FPM to execute .php? files

[Pascal_Netenvie]

Server operating system version

Debian 11.7

Plesk version and microupdate number

18.0.52

Hi,
For security reasons i want to prevent PHP-FPM to execute file with extension php3|php4|php5|php7|php8 etc ...
Actually these files are executed.
How can i disable this please ?

 

[Peter Debik]

In a one-liner in .htaccess for example:
RewriteRule ^your-directory/.*\.(php3|php4|php5|php7|php8)$ - [F,L,NC]
With your-directory = the start path to the files, this can also be just /.* or .*

 

[Pascal_Netenvie]

Hi Peter,
Thanks, yes a redirection can be a solution.
Can i make this work for all vhosts in apache conf file ?

 

[Peter Debik]

You can put mod_rewrite rules as the one above in the virtualhost section of an Apache configuration. If you want to apply it to all domains, maybe customizing the web server templates can be a good approach? Changing Virtual Hosts Settings Using Configuration Templates

 

[Pascal_Netenvie]

Ok but there is no way to put this rule in apache server configuration ?
I have my own configuration file in /etc/apache2/conf-enabled/ and i added following lines in it but it seems to not work :

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule \.(php3|php4|php5|php7|php8)$ - [F,L,NC]
</IfModule>

 

[Pascal_Netenvie]

Ok finally i used this and it work perfect :

<IfModule mod_setenvif.c>
<IfModule mod_headers.c>
<FilesMatch "\.(php3|php4|php5|php7|php8)$">
Require all denied
</FilesMatch>
</IfModule>
</IfModule>

 

[Pascal_Netenvie]

And finally i changed it to :

<IfModule mod_setenvif.c>
  <IfModule mod_headers.c>
    <FilesMatch "\.(php.)$">
      Require all denied
    </FilesMatch>
  </IfModule>
</IfModule>