Hi,

On my site I have a random image script (rotate.php) located in the folder '/sites/default/files/top_random_images/'.

Now drupal is blocking this script from running with the following line in a htaccess file.

SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006

I do not want to just remove this line and allow everything, but I do want to allow this specific script only to run.

Is there a way of achieving this?

Thanks,
Dave

Comments

mikey_p’s picture

mikey_p commented

I would recommend moving the file from the files directory to just sites/default, as there is always a chance that allowing executables in files is a risk, as you never know when a user could try to upload a similarly named file.

Anonymous’s picture

Anonymous (not verified) commented
Status: Active » Closed (fixed)

Hi

I am closing this issue due to old age. Feel free to reopen it.