improve .htaccess security rules:

1. also prevent access to .gitignore 2. make the second security rule work as expected 3. include README.md in security rules
author: Raoul Bhatia <raoul@bhatia.at> 2012-05-23 15:34:33 +0200
committer: Aleksander Machniak <alec@alec.pl> 2012-05-25 13:52:50 +0200
commit: d4d2e427a561d2fc93e6922f7c6d0ea3e8f6f4a9 (patch)
tree: 340b3651f191ff388fd52258d170e0fb1c320167 /.htaccess
parent: 524ead187ac560e2b199bef18b89e46e03b86242 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/.htaccess b/.htaccess
index d5ebe4c20..82afe76de 100644
--- a/.htaccess
+++ b/.htaccess
@@ -30,8 +30,8 @@ php_value	mbstring.func_overload	0
 RewriteEngine On
 RewriteRule ^favicon\.ico$ skins/default/images/favicon.ico
 # security rules
-RewriteRule .git/ - [F]
-RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
+RewriteRule .git - [F]
+RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|SQL|bin|CHANGELOG)$ - [F]
 </IfModule>
 
 <IfModule mod_deflate.c>
author	Raoul Bhatia <raoul@bhatia.at>	2012-05-23 15:34:33 +0200
committer	Aleksander Machniak <alec@alec.pl>	2012-05-25 13:52:50 +0200
commit	d4d2e427a561d2fc93e6922f7c6d0ea3e8f6f4a9 (patch)
tree	340b3651f191ff388fd52258d170e0fb1c320167 /.htaccess
parent	524ead187ac560e2b199bef18b89e46e03b86242 (diff)