How to secure /cache folder agains malicious scripts?
Hi, my phpbb forum repeatedly got hacked by injecting some code or file into /cache folder
So i want to ask how i can prevent this to happen? Any handy .htaccess rules? Thank you
My finds:
If you are sure your cache folder will NOT contain any .php files, you may turn all phps into readable text (so harmless)
Quote:
RemoveHandler .php .phtml .php3
RemoveType .php .phtml .php3
php_flag engine off
----
Deny access to the folder to all except localhost (hosting server):
Quote:
<Directory />
Order Deny,Allow
Deny from all
Allow from 127.0.0.1
</Directory>
Deny access to all files:
Quote:
<Files *>
Order Allow,Deny
Deny from All
</Files>