X7ROOT File Manager
Current Path:
/home/u126090504/domains/balasoreoca.in/public_html/admin/galleryimages
home
/
u126090504
/
domains
/
balasoreoca.in
/
public_html
/
admin
/
galleryimages
/
📁
..
📄
.htaccess
(2.39 KB)
📄
5.jpg
(253.37 KB)
📄
6.jpg
(215.8 KB)
📄
7.jpg
(305.53 KB)
📄
8.jpg
(300.95 KB)
📄
9.jpg
(215.8 KB)
📄
IMG-20231204-WA0003.jpg
(221.02 KB)
📄
IMG-20231206-WA0011.jpg
(1.13 MB)
📄
IMG-20231206-WA0020.jpg
(250.07 KB)
📄
IMG-20240102-WA0009.jpg
(116.79 KB)
📄
IMG-20240103-WA0009.jpg
(148.26 KB)
📄
IMG-20240131-WA0015.jpg
(140.61 KB)
📄
IMG-20240131-WA0023.jpg
(302.05 KB)
📄
Nasya-Panchkarma-treatment_in_Kerala_600x400.jpg
(31.94 KB)
📄
Swedana1.jpg
(74.98 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.24 PM.jpeg
(347.51 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.29 PM.jpeg
(164.89 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.31 PM.jpeg
(218.81 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.33 PM (1).jpeg
(193 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.34 PM (1).jpeg
(211.2 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.43 PM.jpeg
(243.36 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.47 PM.jpeg
(229.39 KB)
📄
WhatsApp Image 2023-02-15 at 5.34.51 PM.jpeg
(193 KB)
📄
WhatsApp Image 2023-02-15 at 5.35.12 PM (1).jpeg
(214.48 KB)
📄
WhatsApp Image 2023-02-15 at 5.35.16 PM.jpeg
(294.49 KB)
📄
WhatsApp Image 2024-01-28 at 3.21.56 PM (1).jpeg
(232.22 KB)
📄
WhatsApp Image 2024-01-28 at 3.21.56 PM (2).jpeg
(230.27 KB)
📄
WhatsApp Image 2024-01-28 at 3.21.56 PM.jpeg
(334.98 KB)
📄
WhatsApp Image 2024-01-28 at 3.21.58 PM.jpeg
(227.62 KB)
📄
WhatsApp Image 2024-01-28 at 3.22.00 PM (1).jpeg
(228.25 KB)
📄
WhatsApp Image 2024-01-28 at 3.22.01 PM (2).jpeg
(223.33 KB)
📄
WhatsApp Image 2024-01-28 at 3.22.04 PM (2).jpeg
(232.61 KB)
📄
monaj.jpg
(90.21 KB)
Editing: .htaccess
# 1) Default: deny everything first <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule !mod_authz_core.c> Deny from all </IfModule> # 2) Allow only a strict whitelist of safe media/document extensions (case-insensitive) <FilesMatch "(?i)\.(jpg|jpeg|png|gif|webp|svg|pdf)$"> <IfModule mod_authz_core.c> Require all granted </IfModule> <IfModule !mod_authz_core.c> Order allow,deny Allow from all </IfModule> </FilesMatch> # 3) Disable handlers for common script extensions (prevent AddHandler trick) <IfModule mod_php7.c> php_flag engine off </IfModule> <IfModule mod_php5.c> php_flag engine off </IfModule> RemoveHandler .php .phtml .phar .pl .py .cgi .asp .aspx .jsp .jar .rb .sh RemoveType .php .phtml .phar .pl .py .cgi .asp .aspx .jsp .jar .rb .sh AddType text/plain .php .phtml .phar .pl .py .cgi .asp .aspx .jsp .jar .rb .sh # 4) Extra: Block requests that attempt double-extensions (image.jpg.php) or any script ext anywhere in the name <IfModule mod_rewrite.c> RewriteEngine On # Immediately forbid any request URL containing a script-like extension RewriteCond %{REQUEST_URI} (?i)\.(php[0-9]*|phtml|phar|pl|py|cgi|sh|exe|asp|aspx|jsp|jar|class|java|rb)$ RewriteRule .* - [F,L] # Block double-extension tricks: image.jpg.php, name.png.aspx, etc. RewriteCond %{REQUEST_URI} (?i)\.(jpg|jpeg|png|gif|webp|svg|pdf)\.(php[0-9]*|phtml|phar|asp|aspx|jsp)$ RewriteRule .* - [F,L] # Block suspicious extension names often used by attackers (.jquery, .tmp, random tokens) RewriteCond %{REQUEST_URI} (?i)\.(jquery|tmp|log|bak|old|enc|dat)$ RewriteRule .* - [F,L] # Block filenames with multiple dots where last extension is not whitelisted RewriteCond %{REQUEST_URI} ^(.*/)?[^/]+\.[^.]+$ RewriteCond %{REQUEST_URI} !(?i)\.(jpg|jpeg|png|gif|webp|svg|pdf)$ RewriteRule .* - [F,L] </IfModule> # 5) Block hidden files (like .htaccess, .env, .git) <FilesMatch "^\."> <IfModule mod_authz_core.c> Require all denied </IfModule> <IfModule !mod_authz_core.c> Deny from all </IfModule> </FilesMatch> # 6) Extra security headers <IfModule mod_headers.c> Header set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" </IfModule> # 7) Prevent directory listing Options -Indexes
Upload File
Create Folder
