Disable PHP in Uploads

Viewing 11 replies - 1 through 11 (of 11 total)

  • @sergey9999

    What web server and what version of that web server are you using ?

    This issue could be due to using an old Apache 1.3.x release.
    Check the Apache error_log for an error that looks like this:

    RewriteRule: cannot compile regular expression ‘^wp-content/uploads/.*\\.(?:php[1-6]?|pht|phtml?)$’\n

    dwinden

    Thread Starter Sergey9999

    (@sergey9999)

    I have newest version of nginx. Which module(s) can use these function?

    @sergey9999

    What is the newest version of Nginx ?

    dwinden

    Thread Starter Sergey9999

    (@sergey9999)

    nginx-1.9.13

    Maybe need to turn on some php modules?

    @sergey9999

    I don’t think you need to turn on any php modules.
    Are there any errors in the error_log file ?

    dwinden

    Thread Starter Sergey9999

    (@sergey9999)

    I make that changes (as my first post) initially for to see error in log. Error log file have only one type data is:

    ” [‘my time’] [alert] [client my ip adress] /home/mysite/mysite.com/docs/.htaccess: RewriteRule: cannot compile regular expression ‘^wp\\-content/uploads/.*\\.(?:php[1-6]?|pht|phtml?)$’\n “

    Note. But when i delete code:

    # Disable PHP in Uploads – Security > Settings > System Tweaks > Uploads
    RewriteRule ^wp\-content/uploads/.*\.(?:php[1-6]?|pht|phtml?)$ – [NC,F]”

    from .htaccess the site have not that error 500.

    What do you think about this? What solution we have?

    Thread Starter Sergey9999

    (@sergey9999)

    The code in .htaccess when i copy is correct. A quotes was whrote when i type message for you.

    @sergey9999

    It looks like your WordPress site is not using Nginx but Apache web server.

    Follow these instructions to find out which web server your WordPress site is using:

    – log into WP Dashboard.
    – navigate to the Security->Dashboard menu option.
    – Scroll down to the System Information metabox.
    – Look for Server Type: in the Server Information section.

    It will probably not show the version, just Apache. You may need to contact your hosting provider to get the web server version.
    Anyway I’m pretty sure its Apache 1.3.x. I’ve seen this issue before…
    This is an Apache 1.3.x specific issue.

    dwinden

    Thread Starter Sergey9999

    (@sergey9999)

    Dwinden, you are absolutly right. I have Apache/1.3.42 (Unix) PHP/5.3.13.

    Could you please help me find this solution where you had seen it before?
    Forum have so many topics, and my english not good as yours.

    I will be very appriciate you and mark this topic as “resolved”.

    @sergey9999

    You can find a specific fix for the Disable PHP in Uploads issue in this topic.

    The general idea behind the fix above also applies for the HackRepair.com Blacklist. Only difference is that it needs to be fixed in a different file:

    wp-content/plugins/better-wp-security/core/modules/ban-users/lists/hackrepair-apache.inc

    dwinden

    Thread Starter Sergey9999

    (@sergey9999)

    Thank you i will try!

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘Disable PHP in Uploads’ is closed to new replies.

Tags