Anyone knows if/how I could block the scripts (php,asp) to run in sub-directories of the site? e.g /user_uploads/01/* /user_uploads/02/*, etc by using the main .htaccess in site root.. ? It looks like if I set some conditions to redirect all .php, .asp, etc, users are able to upload other .htaccess files in these subdirectories and overwrite the main code in /.htaccess. Any ideas?