Currently i'm running local forum with image upload,recently few attackers try to use my server as phising mail sender by uploading php based file,i was try some nginx config but it seems not worked here is part of my nginx conf
try_files $uri =404;
location /upload_path {
types
{
image/gif gif;
image/jpeg jpeg jpg;
image/png png;
text/plain txt;
}
default_type application/octet-stream;
location ~ \.php$
{
break;
}
}
any advice to avoid php file upload and execution?
http://ift.tt/1dvHQ0Z
To upload optimized images, convert jpg to png to make better programming with jpg4png.com here
ReplyDelete