diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 37dbcbf5ded..f1ff8ee121b 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -8562,15 +8562,18 @@ function dolGetButtonTitle($label, $helpText = '', $iconClass = 'fa fa-file', $u
 /**
  * Return if a file can contains executable content
  *
- * @param string $filename File NamedRange
+ * @param string $filename File name to test
  * @return boolean True if yes, False if no
  */
 function isAFileWithExecutableContent($filename)
 {
-	if (preg_match('/\.(htm|html|js|php|php\d+|phtml|pl|py|cgi|ksh|sh|bash|bat|cmd|wpk|exe|dmg)$/i', $filename))
+	if (preg_match('/\.(htm|html|js|phar|php|php\d+|phtml|pht|pl|py|cgi|ksh|sh|shtml|bash|bat|cmd|wpk|exe|dmg)$/i', $filename))
 	{
 		return true;
 	}
+	if (preg_match('/^\./', $filename)) {	// We consider file starting with a . as dangerous as executable files. For example .htaccess, .xxx
+		return true;
+	}
 	return false;
 }
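Review bot: The new dot-file check `preg_match('/^\./', $filename)` is anchored at the start of the whole string, so it only fires when `$filename` is a bare name; if any caller passes a relative or absolute path such as `uploads/.htaccess`, the leading dot of the last path component is never seen and the file is reported as safe. Testing the basename instead, `if (preg_match('/^\./', basename($filename))) {`, closes that gap while giving the same answer for bare names. Whether callers pass paths is not visible in this hunk, so it is worth confirming at the call sites before relying on the check. Separately, both tests together form a denylist of known-dangerous extensions and dot-files that is incomplete by construction, and the docblock should say so, e.g. `Note: this is a denylist of known dangerous extensions and dot-files, not a substitute for an allowlist of accepted upload types.`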