Protecting 777 directories with .htaccess

Just like my file permissions, there is one .htaccess file I can’t live without. It’s super simple and will save you from major headaches!

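<FilesMatch "\.php$">
    # Refuse every request for a file whose name ends in .php.
    # Apache 2.2 syntax; on Apache 2.4 it is provided by mod_access_compat.
    Order Allow,Deny
    Deny from all
</FilesMatch>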

That’s it! It prevents PHP files from being run inside 777 directories and all their subdirectories. I don’t particularly like Apache, as anyone who knows me knows; however, I have to work with it daily, so I need to know how to do things like this. You could modify that code block to also block Perl files, Python files or anything else you don’t want executed inside a 777 world-writable directory.

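I recently discovered that this works well, except if someone removes the .htaccess file. The solution to this is to give the folder 1777 permissions and then give the .htaccess file an owner that isn’t the web server. With the sticky bit set (the leading 1), only a file’s owner, the directory’s owner or root can delete or rename a file in the folder, so the web server cannot remove or replace the .htaccess file, and because it is not the owner it cannot modify it either.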
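
To confirm a directory is actually in the state described above, here is an added check (not part of the original post). The function name and the web server account passed to it are assumptions, and it relies on a `stat` that supports `-c` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: audit a world-writable directory against the setup above.
# Usage: check_upload_dir DIR WEB_USER   (WEB_USER is an assumption, e.g. www-data)
check_upload_dir() {
    dir=$1; web_user=$2; ht="$dir/.htaccess"; rc=0

    [ -f "$ht" ] || { echo "FAIL: $ht is missing"; return 1; }

    # Sticky bit (the leading 1 in 1777): only a file's owner, the
    # directory's owner or root may delete or rename entries.
    dir_mode=$(stat -c '%a' "$dir")
    if [ $(( 0$dir_mode & 01000 )) -eq 0 ]; then
        echo "FAIL: $dir has mode $dir_mode, sticky bit not set"; rc=1
    fi

    # The directory owner can still delete files in a sticky directory.
    if [ "$(stat -c '%U' "$dir")" = "$web_user" ]; then
        echo "FAIL: $dir is owned by $web_user"; rc=1
    fi

    # The web server must not own .htaccess ...
    if [ "$(stat -c '%U' "$ht")" = "$web_user" ]; then
        echo "FAIL: $ht is owned by $web_user"; rc=1
    fi

    # ... and must not be able to write it through group or other bits.
    ht_mode=$(stat -c '%a' "$ht")
    if [ $(( 0$ht_mode & 022 )) -ne 0 ]; then
        echo "FAIL: $ht has mode $ht_mode, writable by group or other"; rc=1
    fi

    # The deny rule itself must still be present.
    grep -q 'FilesMatch' "$ht" || { echo "FAIL: no FilesMatch rule in $ht"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: $dir"
    return "$rc"
}
```

Run it from cron or a deploy script for each 777 directory; a non-zero exit status means at least one of the conditions no longer holds.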

