X7ROOT File Manager
Current Path:
/home/u126090504/domains/cecodisha.in/public_html/admin
home
/
u126090504
/
domains
/
cecodisha.in
/
public_html
/
admin
/
📁
..
📄
.htaccess
(2.11 KB)
📄
banner.php
(4.13 KB)
📄
code.php
(19.4 KB)
📁
css
📁
database
📁
faculty
📄
fboard.php
(6.04 KB)
📄
fboard_edit.php
(2.94 KB)
📁
files
📄
franchise.php
(5.62 KB)
📄
franchise_edit.php
(2.64 KB)
📄
galleryedit.php
(4.2 KB)
📁
galleryimages
📁
imagedata
📁
img
📁
includes
📄
index.php
(3.44 KB)
📁
js
📄
login.php
(1.99 KB)
📄
logincode.php
(614 B)
📄
logout.php
(81 B)
📄
nboard.php
(5.25 KB)
📄
nboard_edit.php
(2.23 KB)
📄
rcode.php
(1.49 KB)
📄
register.php
(4.08 KB)
📄
register_edit.php
(2.02 KB)
📁
scss
📄
security.php
(168 B)
📁
vendor
📄
viewcontact.php
(2.82 KB)
Editing: .htaccess
# ---------- Basic security, but allow normal PHP pages ---------- Options -Indexes # Protect sensitive files <FilesMatch "(^\.|(\.(env|ini|log|sql|bak|zip|tar|gz|inc|sh|phar)$))"> Require all denied </FilesMatch> <FilesMatch "(wp-config\.php|composer\.json|composer\.lock|\.env|config\.php|phpinfo\.php|readme\.(html|txt))$"> Require all denied </FilesMatch> <Files ".htaccess"> Require all denied </Files> # Limit HTTP methods <LimitExcept GET POST HEAD OPTIONS> Require all denied </LimitExcept> # Rewrite protections (leave as is) <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{QUERY_STRING} (union|select|insert|cast\(|benchmark\(|base64_encode|document\.cookie|<script|eval\() [NC] RewriteRule ^ - [F,L] RewriteCond %{REQUEST_URI} (%3C|%3E|%3Cscript%3E|%3Ciframe%3E) [NC,OR] RewriteCond %{REQUEST_URI} (\.\./|\%2e\%2e) [NC] RewriteRule ^ - [F,L] </IfModule> # ====== Security headers (PERMISSIVE for now so layout restores) ====== <IfModule mod_headers.c> Header set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" Header set Referrer-Policy "no-referrer-when-downgrade" # Permissive CSP to restore layout and external assets quickly. # We'll tighten this later once you confirm everything works. Header always set Content-Security-Policy "default-src 'self' https: data: blob:; \ script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; \ style-src 'self' 'unsafe-inline' https: data:; \ font-src 'self' https: data:; \ img-src 'self' data: https:; \ connect-src 'self' https: wss:; \ frame-src https: data:; \ object-src 'none'; \ base-uri 'self';" </IfModule> # Extra safety: block direct access to common backup/executable files <FilesMatch "\.(bak|config|sql|log|env|inc|old|backup|phar|sh|exe)$"> Require all denied </FilesMatch> # Prevent PHP execution attempts inside common upload paths <IfModule mod_rewrite.c> RewriteCond %{REQUEST_URI} /(wp-content/uploads|uploads|files|media)/ [NC] RewriteRule \.(php|phtml|phar|pl|py|cgi)$ - [F,L,NC] </IfModule>
Upload File
Create Folder