How to limit file creation permissions to certain file extensions in Linux?

-2

I have an apache webserver running as user apache, and the application I'm hosting (Wordpress) requires certain folders with write permissions by the user apache, I want to limit the write permissions (creation of files) to only .png, .gif, .jpg and .pdf files, but deny .php file creation. Is it possible to do this from apache or linux?

Thank you for your help.

[EDIT]

As per Michael Kjörling suggestion, I added the following to a .htaccess file inside every upload directory:

<FilesMatch "\.php$"> Order Allow,Deny Deny from all </FilesMatch>

Sven Knowles

Posted 2015-03-21T21:00:11.573

Reputation: 1

Ahhh....have you looked at putting this into directory .htaccess files for apache? – mdpc – 2015-03-21T21:17:00.023

Hi, Do you mean Allow and Deny directives in apache? I guess that are for host restrictions only. – Sven Knowles – 2015-03-21T21:28:59.523

No they are for user permissions too! I am assumming you have enabled some type of apache user authentication! – mdpc – 2015-03-21T21:30:09.267

No user authentication is in use, the web pages have public access – Sven Knowles – 2015-03-21T21:51:33.727

Answers

2

You cannot do this in Linux. Unlike in Windows, the file extension is not treated separately in any way by Linux, so there is no generic way to handle for example *.php files in a manner different from, say, *.PHP or *.pdf.

You could however use file name matching and restrictions in either the web server configuration itself or in .htaccess to deny access to *.php files in the upload directory. Not perfect, since the file would still be uploaded, but might be close enough to what you are trying to achieve (prevent execution of code uploaded by users).

a CVn

Posted 2015-03-21T21:00:11.573

Reputation: 26 553

Asked: 2015-03-21T21:00:11.573

Viewed: 869 times

Active: 2015-03-21T22:12:56.257