From b332e799b4840ff6d83c6e3730dd256ce493d79b Mon Sep 17 00:00:00 2001
From: Raoul Bhatia <raoul@bhatia.at>
Date: Wed, 23 May 2012 15:34:33 +0200
Subject: improve .htaccess security rules:

1. also prevent access to .gitignore
2. make the second security rule work as expected
3. include README.md in security rules
---
 .htaccess | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to '.htaccess')

diff --git a/.htaccess b/.htaccess
index d5ebe4c20..82afe76de 100644
--- a/.htaccess
+++ b/.htaccess
@@ -30,8 +30,8 @@ php_value	mbstring.func_overload	0
 RewriteEngine On
 RewriteRule ^favicon\.ico$ skins/default/images/favicon.ico
 # security rules
-RewriteRule .git/ - [F]
-RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
+RewriteRule .git - [F]
+RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|SQL|bin|CHANGELOG)$ - [F]
 </IfModule>
 
 <IfModule mod_deflate.c>
-- 
cgit v1.2.3