
Don't execute uploaded file

Discussion in 'Security' started by mehdiali, Nov 20, 2007.

  1. #1
    Hi everyone,
    I have an upload center and let users upload their images.
    I use Linux and Apache.
    I've heard (I don't know anything about it) that Apache (on Linux) can
    limit a folder so that the files in the folder can just be downloaded
    but can't be executed (if someone even uploads a PHP file he can't run it).
    So I don't need any filters and can let users upload anything they want.
    I have two questions:
    1. Is it true?
    2. How can I do this?
    Thank you in advance
     
    mehdiali, Nov 20, 2007 IP
  2. SSANZ

    #2
    Permissions - 700.

    Google Dork - CHMOD guide
     
    SSANZ, Nov 22, 2007 IP
  3. Ladadadada

    #3
    chmod will stop a file from being executed but it will not stop php from reading, parsing and running a php file. You can get php to run a file by typing "php filename.php" on the command line or by simply requesting the file in a browser.

    The best way to stop this kind of attack is to check the mime-type of the file being uploaded as they upload it and unless it's a jpg, gif or png then delete it and give them an error message. Don't just check the extension because there are often ways around extension-based security. Extensions don't actually mean anything, they are just a convention we use to help understand what kind of file it is.

    Actually, now that I think about it, chmod 700 won't stop it being executed anyway... the user that owned the file could still execute it on the command line. 644 would be much safer privileges. 644 would allow anyone to read the file and only its owner to write to the file.
     
    Ladadadada, Nov 23, 2007 IP
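An added example (not code from this thread) of the content check described in the answer above, written in Python for illustration rather than in the poster's PHP: it decides the file type from the first bytes of the upload, not from the extension or the browser-supplied MIME type, and stores the file under a server-generated name with 644 permissions. The function names, the magic-byte table and the sample inputs are assumptions of this example.

```python
import os
import secrets
import tempfile

# Leading-byte signatures of the three image types the answer allows. The
# Content-Type the browser sends ($_FILES['type'] in PHP) is chosen by the
# client, so the file's own bytes are inspected instead.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
}

def detect_image_type(data: bytes):
    """'jpg', 'png' or 'gif' from the leading bytes, else None, whatever
    extension or Content-Type the upload claimed."""
    for kind, magics in SIGNATURES.items():
        if data.startswith(magics):
            return kind
    return None

def store_upload(upload_dir: str, data: bytes, claimed_name: str) -> str:
    """Refuse anything that is not an image, then save it under a
    server-generated name with mode 0644 (readable, never executable).
    The detected type alone picks the extension, so the client's filename
    (e.g. 'x.php.jpg') never reaches the disk."""
    kind = detect_image_type(data)
    if kind is None:
        raise ValueError(f"rejected {claimed_name!r}: not a JPEG, PNG or GIF")
    name = f"{secrets.token_hex(16)}.{kind}"
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL  # never overwrite
    fd = os.open(os.path.join(upload_dir, name), flags, 0o644)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return name

def demo():
    """Constructed inputs: a minimal PNG header and a PHP script named .jpg.
    Returns (saved extension, saved file is executable, script rejected)."""
    png = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16
    script = b"<?php echo 'hello'; ?>"
    with tempfile.TemporaryDirectory() as d:
        saved = store_upload(d, png, "avatar.jpg")
        executable = bool(os.stat(os.path.join(d, saved)).st_mode & 0o111)
        try:
            store_upload(d, script, "shell.php.jpg")
            rejected = False
        except ValueError:
            rejected = True
    return os.path.splitext(saved)[1], executable, rejected
```

The byte check is necessary but not sufficient, since a genuine image with script text appended still passes it, so the upload directory also needs script execution switched off in the web server (with mod_php, `php_flag engine off` in that directory's configuration) and ideally sits outside the document root.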
  4. krt

    #4
    Yes, definitely not 700 as it defeats the purpose of the script. 644, or 666 if users can edit/delete their uploads.
     
    krt, Nov 23, 2007 IP