How do I prevent all script execution in a web-accessible image uploads directory?
I am using nginx and PHP, and want to allow images to be uploaded by my users, and placed into a public web accessible directory. I currently have this rule defined: location ~ /uploads { location ~ \.(jpg|gif|png)$ {} deny all; } If it’s not a .jpg, .gif, or .png, then deny access to it. … Read more