diff options
| author | Aleksander Machniak <alec@alec.pl> | 2013-11-05 00:20:13 -0800 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2013-11-05 00:20:13 -0800 |
| commit | 540e112bd85875fec851b521dfa1e5d12429fd47 (patch) | |
| tree | 8f76c29065ea3e86cd3b07962d0d9b4a02bdcafc | |
| parent | 5e3e4fe0c6f8e8ab1ff29ec685f127281700c953 (diff) | |
| parent | cb3ea1443ee52b0e323869cdf36db658762f58c9 (diff) | |
Merge pull request #148 from raoulbhatia/master
Enhance .htaccess security rules
| -rw-r--r-- | .htaccess | 11 |
1 files changed, 9 insertions, 2 deletions
@@ -28,10 +28,17 @@ RewriteEngine On RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico # security rules RewriteRule \.git - [F] -RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ - [F] -RewriteRule ^/?(SQL|bin) - [F] +RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ - [NC,F] +RewriteRule ^/?(SQL|bin) - [NC,F] </IfModule> +# deny access to all files not containing a "." (dot) +# to block access to different README, ChangeLog, etc. files +# of various skins and plugins. +<FilesMatch "^[^\.]+$"> +Deny from all +</FilesMatch> + <IfModule mod_deflate.c> SetOutputFilter DEFLATE </IfModule> |