Keep all security rules in one place, support Apache 2.4 syntax

author: Aleksander Machniak <alec@alec.pl> 2013-11-05 11:20:14 +0100
committer: Aleksander Machniak <alec@alec.pl> 2013-11-05 11:20:14 +0100
commit: 88934b6132ac22da5a66724943837bf5cae82779 (patch)
tree: 0af09578b40943a65f80fc0da501e3427ebf0b9c /.htaccess
parent: 540e112bd85875fec851b521dfa1e5d12429fd47 (diff)
1 files changed, 14 insertions, 6 deletions
diff --git a/.htaccess b/.htaccess
index 10af3094e..43ab5b04f 100644
--- a/.htaccess
+++ b/.htaccess
@@ -26,17 +26,25 @@ php_value	session.gc_probability	1
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
+
 # security rules
-RewriteRule \.git - [F]
-RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ - [NC,F]
-RewriteRule ^/?(SQL|bin) - [NC,F]
+RewriteRule ^/?(\.git|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F]
+RewriteRule /?(README(.md)?|composer\.json-dist|composer\.json|package\.xml)$ - [F]
 </IfModule>
 
 # deny access to all files not containing a "." (dot)
-# to block access to different README, ChangeLog, etc. files
-# of various skins and plugins.
+# to block access to different README, Changelog, INSTALL, etc.
+# files of various skins and plugins.
 <FilesMatch "^[^\.]+$">
-Deny from all
+    # Apache 2.4
+    <IfModule mod_authz_core.c>
+        Require all denied
+    </IfModule>
+    # Apache 2.2
+    <IfModule !mod_authz_core.c>
+        Order Allow,Deny
+        Deny from all
+    </IfModule>
 </FilesMatch>
 
 <IfModule mod_deflate.c>
author	Aleksander Machniak <alec@alec.pl>	2013-11-05 11:20:14 +0100
committer	Aleksander Machniak <alec@alec.pl>	2013-11-05 11:20:14 +0100
commit	88934b6132ac22da5a66724943837bf5cae82779 (patch)
tree	0af09578b40943a65f80fc0da501e3427ebf0b9c /.htaccess
parent	540e112bd85875fec851b521dfa1e5d12429fd47 (diff)