authorAleksander Machniak <alec@alec.pl>2013-11-05 11:20:14 +0100
committerAleksander Machniak <alec@alec.pl>2013-11-05 11:20:14 +0100
commit88934b6132ac22da5a66724943837bf5cae82779 (patch)
tree0af09578b40943a65f80fc0da501e3427ebf0b9c
parent540e112bd85875fec851b521dfa1e5d12429fd47 (diff)
Keep all security rules in one place, support Apache 2.4 syntax
-rw-r--r--.htaccess20
-rw-r--r--config/.htaccess2
-rw-r--r--logs/.htaccess2
-rw-r--r--program/.htaccess4
-rw-r--r--temp/.htaccess2
5 files changed, 14 insertions, 16 deletions
diff --git a/.htaccess b/.htaccess
index 10af3094e..43ab5b04f 100644
--- a/.htaccess
+++ b/.htaccess
@@ -26,17 +26,25 @@ php_value session.gc_probability 1
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico
+
# security rules
-RewriteRule \.git - [F]
-RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ - [NC,F]
-RewriteRule ^/?(SQL|bin) - [NC,F]
+RewriteRule ^/?(\.git|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F]
+RewriteRule /?(README(.md)?|composer\.json-dist|composer\.json|package\.xml)$ - [F]
</IfModule>
# deny access to all files not containing a "." (dot)
-# to block access to different README, ChangeLog, etc. files
-# of various skins and plugins.
+# to block access to different README, Changelog, INSTALL, etc.
+# files of various skins and plugins.
<FilesMatch "^[^\.]+$">
-Deny from all
+ # Apache 2.4
+ <IfModule mod_authz_core.c>
+ Require all denied
+ </IfModule>
+ # Apache 2.2
+ <IfModule !mod_authz_core.c>
+ Order Allow,Deny
+ Deny from all
+ </IfModule>
</FilesMatch>
<IfModule mod_deflate.c>
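Review bot: The consolidated deny rules sit inside `<IfModule mod_rewrite.c>`, so where mod_rewrite is not loaded they are skipped silently; because this commit also deletes the `Deny from all` files in `config/`, `logs/` and `temp/`, which did not depend on that module, those directories would then have no protection from this project's files. Keeping a short per-directory file in those three directories, written with the same `mod_authz_core` conditional as the `<FilesMatch>` block (`Require all denied` for 2.4, `Order Allow,Deny` plus `Deny from all` for 2.2), would keep the default fail-closed. The first new rule also drops the `NC` flag that the old `SQL|bin` rule carried, so on a case-insensitive filesystem a differently-cased path is not matched; ending it with `[NC,F]` restores that. For `program/`, the deleted rule `RewriteRule !^(js|resources) - [F]` was an allowlist, while the new one names four subdirectories to deny, so a directory added later would be served unless this line is updated; a comment above the rule saying so would help.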
diff --git a/config/.htaccess b/config/.htaccess
deleted file mode 100644
index 8e6a345dc..000000000
--- a/config/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-Order allow,deny
-Deny from all
\ No newline at end of file
diff --git a/logs/.htaccess b/logs/.htaccess
deleted file mode 100644
index 8e6a345dc..000000000
--- a/logs/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-Order allow,deny
-Deny from all
\ No newline at end of file
diff --git a/program/.htaccess b/program/.htaccess
deleted file mode 100644
index be9e7e25a..000000000
--- a/program/.htaccess
+++ /dev/null
@@ -1,4 +0,0 @@
-<IfModule mod_rewrite.c>
-RewriteEngine On
-RewriteRule !^(js|resources) - [F]
-</IfModule>
diff --git a/temp/.htaccess b/temp/.htaccess
deleted file mode 100644
index 8e6a345dc..000000000
--- a/temp/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-Order allow,deny
-Deny from all
\ No newline at end of file