Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: xampp, a.jpg.xx, as jpg |
|
| Author |
|
spser
Joined: 29 Aug 2016
Posts: 97
|
 Posted: Mon 18 Feb '19 7:44 Post subject: |
 |
|
https://www.atuser.com/x.png
There is a problem with xampp, visit a.jpg.xx, as jpg is executed. As picture. |
|
| Back to top |
|
glsmith
Moderator
Joined: 16 Oct 2007
Posts: 2268
Location: Sun Diego, USA
|
| Posted: Mon 18 Feb '19 22:19 Post subject: |
|
|
Not a problem. It is as documented. see
http://httpd.apache.org/docs/2.4/mod/mod_mime.html#multipleext
That said, in httpd.conf (bottom is fine) add | Code: | <Files ~ "\.xx$">
Require all denied
</Files> |
That will make all files inaccessible with a .xx at the end, if that's what your looking for. |
|
| Back to top |
|
spser
Joined: 29 Aug 2016
Posts: 97
|
| Posted: Tue 19 Feb '19 3:22 Post subject: |
|
|
This does not solve the problem at all. The user may upload a.jpg.ax next time.
A.jpg.as, a.jpg.abc, a.jpg.xat Unlimited possibilities. What about the configuration? |
|
| Back to top |
|
mraddi
Joined: 27 Jun 2016
Posts: 152
Location: Schömberg, Baden-Württemberg, Germany
|
| Posted: Fri 22 Feb '19 9:22 Post subject: |
|
|
Have you tried to disable the functionality for this multi-lanuage-thing. Maybe this helps (haven't tested it myself):
| Code: | <IfModule mod_negotiation.c>
Options -MultiViews
</IfModule> |
Another idea might me to redirect everything that does not exist physically on the filesystem to an error-page:
| Code: | RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^.*$ / [R=302,L] |
|
|
| Back to top |
|
spser
Joined: 29 Aug 2016
Posts: 97
|
| Posted: Fri 22 Feb '19 10:40 Post subject: |
|
|
| The file exists, and file access with multiple suffixes will encounter similar problems. |
|
| Back to top |
|
|
|
|
|
|
