Is there a way, through php.ini or .htaccess to disable all file uploads to

Question

0

Editorial Team

Asked: June 18, 20262026-06-18T12:20:16+00:00 2026-06-18T12:20:16+00:00

Is there a way, through php.ini or .htaccess to disable all file uploads to

0

Is there a way, through php.ini or .htaccess to disable all file uploads to a server?

The only catch is, I want to have one folder (example an admin folder) to still have access to upload.

I am thinking along the lines of when you disable eval and exec.

This question stems from the fact that I have seen sites infected with malware, which are located in all random spots through the server – a recent example I have seen is something similar to:

eval(gzinflate(base64_decode("HZ3fdsfHjtfvdqlkdsfabf5Y7OAQfMCRc9YKaYc5o0mHOmmJ6+ .... ));

Located in a file called stp.php on a server. My thinking is that if the sites users need no access to upload files (which they don’t), then it should be simply disabled.

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-18T12:20:18+00:00

Editorial Team

2026-06-18T12:20:18+00:00Added an answer on June 18, 2026 at 12:20 pm

Yes. In your php.ini file set file_uploads=Off as described here.
This will disable all file uploads through HTTP.

0

Reply
Share
Share

- Report

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Is there a way, through php.ini or .htaccess to disable all file uploads to

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply