Prevent server behaviour : executing scripts without extension

Question

I'm working on a server who has the tendency to execute scripts even when I don't add .php So lets say my page is activities.php then I can execute my script with :

www.example.com/activities.php
www.example.com/activities
and even www.example.com/activities/

I've tried to bypass the problem with something like :

if ($_SERVER['REQUEST_URI'] != $_SERVER['SCRIPT_NAME'])  header('Location: '. $_SERVER['SCRIPT_NAME']);

which works fine, well untill I need to post some data. There is nothing in my htaccess files which explains this behavior (no mod_rewrite stuff or anything). How can I turn this off ?

Server info :

Linux Linux1 3.2.0-24-generic #39-Ubuntu SMP Mon May 21 16:52:17 UTC 2012 x86_64 
Apache Version  Apache/2.2.22 (Ubuntu)
Apache API Version  20051115 

Thanks in advance

EDIT : .htaccess file

php_flag display_errors on
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{HTTP_Host} ^domain.be [NC]
RewriteRule ^(.*)$ http://www.domain.be/$1 [L,R=301]

Answer 1

It is possible that your server has MultiViews (Apache Content Negotiation) enabled; when it is enabled and a file cannot be found apache will look for the same file but with any extension. To disable this you can add -MultiViews to Options (if your host allows it)...

Options +FollowSymLinks -MultiViews

I would question why this is a problem for you though, if you do not link to any of your scripts without the .php then how will people find them? Canonical URLs are only really an issue if there are links to these other pages.

Additionally, you could improve your php-based redirect to check the current request method and not redirect on POST requests, by inspecting $_SERVER['REQUEST_METHOD']...

if ($_SERVER['REQUEST_URI'] != $_SERVER['SCRIPT_NAME'] and $_SERVER['REQUEST_METHOD'] != 'POST')  header('Location: '. $_SERVER['SCRIPT_NAME']);