After xtra file server install I think I may have a problem

[Joseph]

I followed the instructions *** Extra File-Server Installation ***
Steps 1-3 were competed successfully

Then I run into a problem when I follow the following steps...

INFO: After installation try to open env.php which is in FileServer files folder in browser - it should show you error or source code.
If you see full path, then check that you've moved .htaccess to FileServer htdocs folder.

So I follow the instructions and type in my file server URL: http://fileserver.com/files/env.php and hit Enter.
The browser asks me if I want to Open or Save the file.

Isn't this some sort of error? There is an .htaccess in the "files" and "tmp" folders.

[PilgrimX182]

So, go save it and see what's inside. If it's env.php source then it's all fine. If there's your server paths then u have possible php injection vulnerability and need to disable php execution in /files folder.

[Joseph]

When I choose the Save option and open the file it displays my path.
When I choose the Open option it displays my path within my browser.
Here is the path it displays:
/home/username/domains/fileserver.com/public_html/files/env.php

How do I disable PHP execution in the /files folder?

[PilgrimX182]

Directives in .htaccess should do this actually.
Try these in apache config for /files/ folder:

[Joseph]

[PilgrimX182]

Not necessary, since we won't allow executable files there. Also restrict pl,cgi,py,sh extensions.