Translations:Manual:Security/87/en

As these checks may be insufficient, you should explicitly disable server-side execution of PHP scripts (and any other scripting types you may have) in the uploads directory (by default, ).