X7ROOT File Manager
Current Path:
/home/u126090504/domains/gurugyanacademy.in/public_html
home
/
u126090504
/
domains
/
gurugyanacademy.in
/
public_html
/
📁
..
📄
.htaccess
(2.11 KB)
📄
about-us.php
(9.85 KB)
📁
admin
📄
bed.php
(7.51 KB)
📄
branches.php
(5.72 KB)
📁
cgi-bin
📄
chair-person's-message.php
(5.23 KB)
📄
cleanup_README.txt
(1.25 KB)
📄
coaching.php
(6.65 KB)
📄
computer.php
(16.64 KB)
📄
contact-us.php
(6.18 KB)
📄
contactdb.php
(796 B)
📁
css
📄
director's-message.php
(5.19 KB)
📄
download.php
(3.87 KB)
📄
facilities.php
(12.06 KB)
📁
fonts
📄
footer.php
(7.15 KB)
📄
gallery.php
(4.98 KB)
📄
google8b8d2637d334d5a3.html
(53 B)
📁
gurugyan
📄
gurugyan.sql
(5.98 KB)
📄
gurugyan.zip
(64.22 MB)
📄
header.php
(11.02 KB)
📁
images
📄
index.php
(54.28 KB)
📁
js
📁
oca-bls
📁
pdf
📁
revolution
📄
secure_upload.php
(2.87 KB)
📄
showpath.php
(107 B)
📄
spoken-english.php
(7.15 KB)
Editing: .htaccess
# ---------- Basic security, but allow normal PHP pages ---------- Options -Indexes # Protect sensitive files <FilesMatch "(^\.|(\.(env|ini|log|sql|bak|zip|tar|gz|inc|sh|phar)$))"> Require all denied </FilesMatch> <FilesMatch "(wp-config\.php|composer\.json|composer\.lock|\.env|config\.php|phpinfo\.php|readme\.(html|txt))$"> Require all denied </FilesMatch> <Files ".htaccess"> Require all denied </Files> # Limit HTTP methods <LimitExcept GET POST HEAD OPTIONS> Require all denied </LimitExcept> # Rewrite protections (leave as is) <IfModule mod_rewrite.c> RewriteEngine On RewriteCond %{QUERY_STRING} (union|select|insert|cast\(|benchmark\(|base64_encode|document\.cookie|<script|eval\() [NC] RewriteRule ^ - [F,L] RewriteCond %{REQUEST_URI} (%3C|%3E|%3Cscript%3E|%3Ciframe%3E) [NC,OR] RewriteCond %{REQUEST_URI} (\.\./|\%2e\%2e) [NC] RewriteRule ^ - [F,L] </IfModule> # ====== Security headers (PERMISSIVE for now so layout restores) ====== <IfModule mod_headers.c> Header set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" Header set Referrer-Policy "no-referrer-when-downgrade" # Permissive CSP to restore layout and external assets quickly. # We'll tighten this later once you confirm everything works. Header always set Content-Security-Policy "default-src 'self' https: data: blob:; \ script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; \ style-src 'self' 'unsafe-inline' https: data:; \ font-src 'self' https: data:; \ img-src 'self' data: https:; \ connect-src 'self' https: wss:; \ frame-src https: data:; \ object-src 'none'; \ base-uri 'self';" </IfModule> # Extra safety: block direct access to common backup/executable files <FilesMatch "\.(bak|config|sql|log|env|inc|old|backup|phar|sh|exe)$"> Require all denied </FilesMatch> # Prevent PHP execution attempts inside common upload paths <IfModule mod_rewrite.c> RewriteCond %{REQUEST_URI} /(wp-content/uploads|uploads|files|media)/ [NC] RewriteRule \.(php|phtml|phar|pl|py|cgi)$ - [F,L,NC] </IfModule>
Upload File
Create Folder