How to prohibit the upload directory in Apache and nginx php execution Permissions _linux

Prohibit the specified directory from running PHP script under Apache

Add the Php_flag engine off instruction in the virtual host configuration file as follows:

 Options followsymlinks
 allowoverride None order
 Allow,deny
 allow to all 
 Php_flag engine off

Another method, which is set in htaccess, is a bit more flexible, for webmasters who do not have apapche security operations:
The Apache environment rules are as follows: Apache executes PHP script restrictions to add these rules to the. htaccess file
The code is as follows:

Rewriteengine on rewritecond%!^$
rewriterule uploads/(. *). ( php) $–[f]
rewriterule data/(. *). ( php) $–[f]
rewriterule templets/(. *). ( PHP) $–[f]

Nginx to prohibit the specified directory from running PHP script

Nginx simpler, you can add the following configuration to the server configuration section by directly following the location criteria to match the permissions against the location.

If it is a single directory:

Location ~* ^/uploads/.*\. (PHP|PHP5) $
{
 deny all;
}

If you are more than one directory:

Location ~* ^/(attachments|uploads)/.*\. (PHP|PHP5) $
{
 deny all;
}

Note: This configuration file must be placed in front of the following configuration to be effective.

Location ~ \.php$ {
fastcgi_pass  127.0.0.1:9000;
Fastcgi_index index.php;
Fastcgi_param script_filename $document _root$fastcgi_script_name;
Include    fastcgi_params;
}

Finally, give a complete configuration example

Location ~/mm/(data|uploads|templets)/*. (PHP) $ {
 deny all;
}

Location ~. php$ {
 try_files $uri/404.html;
 Fastcgi_pass  127.0.0.1:9000;
 Fastcgi_index index.php;
 Fastcgi_param script_filename $document _root$fastcgi_script_name;
 Include    fastcgi_params;
}

Remember to restart Nginx when you are finished configuring.