diff options
| author | alecpl <alec@alec.pl> | 2011-07-02 08:20:15 +0000 |
|---|---|---|
| committer | alecpl <alec@alec.pl> | 2011-07-02 08:20:15 +0000 |
| commit | 4b1d5d6e384fc5bddff8ee1c7cb35b8ea9c84bf3 (patch) | |
| tree | 9b1755aa5f2529d58cfd37a826bfd81c83d87d53 | |
| parent | 02e079f9170539a639a9f42248829faeb7c17ae3 (diff) | |
Improve .htaccess rules to make it less easy to fingerprint roundcube version
by denying access to files and stoping directory indexes (#1484066)
| -rw-r--r-- | .htaccess | 6 | ||||
| -rw-r--r-- | program/.htaccess | 4 |
2 files changed, 8 insertions, 2 deletions
@@ -29,6 +29,9 @@ php_value mbstring.func_overload 0 <IfModule mod_rewrite.c> RewriteEngine On RewriteRule ^favicon.ico$ skins/default/images/favicon.ico +# security rules +RewriteRule .svn/ - [F] +RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F] </IfModule> <IfModule mod_deflate.c> @@ -46,5 +49,4 @@ ExpiresDefault "access plus 1 month" </IfModule> FileETag MTime Size - - +Options -Indexes diff --git a/program/.htaccess b/program/.htaccess new file mode 100644 index 000000000..4ad1b9d12 --- /dev/null +++ b/program/.htaccess @@ -0,0 +1,4 @@ +<IfModule mod_rewrite.c> +RewriteEngine On +RewriteRule !^js|.*\.gif$ - [F] +</IfModule> |