-
Getting Started
-
App Portal
-
Features
-
cPGuard Lite
-
Command line
-
User plugin
- Articles coming soon
-
FAQs
- Reissue license
- Notify users on outdated CMS
- Restore a file
- Blacklist a file
- Whitelist files
- Start manual files scan
- Exclude domain from bot attack and captcha check
- SRBL - Whitelist domain or sender IP Address
- Enable Ioncube in cPanel PHP
- Grant server access to support
- How to fix the agent error in App Portal
- Whitelist a WAF rule ID
- Run a hook script after file detection
- Whitelist a user in the scanner engine
- What is inotify watch and how will it affects server performance
- Migrate license to a new server or IP Address
- Tagging Servers
- How to install cPGuard Standalone
- How do we calculate the number of users on a server
- Add additional directories to automatic scan list
- cPGuard WAF required settings and depencies
- So many cpguard-job-logs::fetchlogs processes running
- Install ModSecurity with Nginx on CentOS/RockyLinux/AlmaLinux
- How to install latest ModSecurity 2.9.7 with Apache - Install ModSecurity 2.9.7 with Apache
- How to whitelist an IP address
- How to report a file?
- Block PHP script upload using cPGuard WAF
- cPGuard License abuse is detected
- Webuzo Security using cPGuard - Webuzo Antivirus - Webuzo Antimalware
- Block countries from accessing your websites and server
- Show all articles ( 15 ) Collapse Articles
-
General
- Migrating cPGuard V3 to V4
- Uninstalling cPGuard
- Overriding WordPress cron job
- Install ModSecurity with Nginx on Debian/Ubuntu
- How do we calculate the number of users on a server
- How to install latest ModSecurity 2.9.7 with Apache - Install ModSecurity 2.9.7 with Apache
- Bulk Action - Run an action against multiple servers
- How to whitelist an IP address
- How to report a file?
- Block PHP script upload using cPGuard WAF
- cPGuard License abuse is detected
- Request body excluding files is bigger than the maximum - Request body no files data length is larger than the configured limit
- Block countries from accessing your websites and server
-
Change Logs
-
Standalone
- cPGuard Standalone Configuration
- How to modify standalone configuration file cpguard.ini
- How to install cPGuard Standalone
- How to secure the websites on a Webmin/Virtualmin server using cPGuard
- Install ModSecurity with Nginx on Debian/Ubuntu
- Secure websites on Control Web Panel / CWP Server
- Installing cPGuard on Enhance panel
- How to install latest ModSecurity 2.9.7 with Apache - Install ModSecurity 2.9.7 with Apache
- Secure websites on Interworx Control Panel
-
Standalone Panels
-
WAF
- cPGuard WAF required settings and depencies
- Install ModSecurity with Nginx on Debian/Ubuntu
- Whitelist a WAF rule ID
- WAF Integration
- Web Application Firewall
- Install ModSecurity with Nginx on CentOS/RockyLinux/AlmaLinux
- How to install latest ModSecurity 2.9.7 with Apache - Install ModSecurity 2.9.7 with Apache
- Block PHP script upload using cPGuard WAF
- Request body excluding files is bigger than the maximum - Request body no files data length is larger than the configured limit
Block PHP script upload using cPGuard WAF
0 out of 5 stars
| 5 Stars | 0% | |
| 4 Stars | 0% | |
| 3 Stars | 0% | |
| 2 Stars | 0% | |
| 1 Stars | 0% |
In cPGuard, you have the option to stop uploading PHP scripts through the Web, which includes a web form, web file managers, and web shells. Please note that this option will disable all types of PHP script uploads through Websites and thus should be aware that you cannot edit and save PHP files using the Web. Once this option is enabled, you should use FTP, SSH, Control Panel File Manager, etc to upload and update PHP scripts to your websites.
To enable the option you have 2 options.
1. Using CLI
You can enable PHP script upload blocker in WAF using the following command
cpgcli upload-scanner --block-php=enableTo revert this setting, you can use the following command.
cpgcli upload-scanner --block-php=disable2. Using App Portal Setting
Log in to App Portal > Choose your server > Go to Settings > Additional Settings > Turn ON the option “Block PHP files upload “
To revert the action, you can turn off the switch
How to verify that it is working?
Once the PHP script upload is enabled in WAF, you can notice an entry like the following in WAF Logs each time it blocks PHP script uploads
0 out of 5 stars
| 5 Stars | 0% | |
| 4 Stars | 0% | |
| 3 Stars | 0% | |
| 2 Stars | 0% | |
| 1 Stars | 0% |