Prevent php NULL byte or upload file security hole

====================================
1) via .htaccess file
Put following in .htaccess and
put it in the appropriate directory
====================================
# Sample '.htaccess' file for 'pub' subdirectory

# Allow all access
Allow from all

# Deny people from looking at the index and running SSI and CGI
Options None

# If you have PHP4 or PHP5 installed make sure the directive
# below is enabled. If you do not have PHP installed you will
# need to comment out the directory below to avoid errors:
php_flag engine off

# If you have PHP3 installed make sure the directive below is
# enabled:
#php3_engine off

# This line will redefine the mime type for the most common
# types of scripts. It will also deliver HTML files as if they
# are text files:
AddType text/plain .html .htm .shtml .php .php3 .php5 .phtml .phtm .pl .py .cgi


===========================
1) Via Directory directive
===========================

<DirectoryMatch "/images|/upload|/Upload|/Images">
    # Ignore .htaccess files
    AllowOverride None

    # Serve scripts as plaintext
    AddType text/plain .html .htm .shtml .php .php3 .php5 .phtml .phtm .pl .py .cgi

    # Don't run arbitrary PHP code.
    php_admin_flag engine off
</DirectoryMatch>


==========================
2) Via Location directive
==========================

<LocationMatch "/images|/upload">
    # Ignore .htaccess files
    AllowOverride None
   
    # Serve scripts as plaintext
    AddType text/plain .html .htm .shtml .php .php3 .php5 .phtml .phtm .pl .py .cgi
   
    # Don't run arbitrary PHP code.
    php_admin_flag engine off
</Location>

---

---