From 4b1d5d6e384fc5bddff8ee1c7cb35b8ea9c84bf3 Mon Sep 17 00:00:00 2001
From: alecpl <alec@alec.pl>
Date: Sat, 2 Jul 2011 08:20:15 +0000
Subject: Improve .htaccess rules to make it less easy to fingerprint roundcube
 version by denying access to files and stoping directory indexes (#1484066)

---
 .htaccess | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

(limited to '.htaccess')

diff --git a/.htaccess b/.htaccess
index 704779e2e..2bc9f95ea 100644
--- a/.htaccess
+++ b/.htaccess
@@ -29,6 +29,9 @@ php_value	mbstring.func_overload	0
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
+# security rules
+RewriteRule .svn/ - [F]
+RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
 </IfModule>
 
 <IfModule mod_deflate.c>
@@ -46,5 +49,4 @@ ExpiresDefault "access plus 1 month"
 </IfModule>
 
 FileETag MTime Size
-
-
+Options -Indexes
-- 
cgit v1.2.3