From 88934b6132ac22da5a66724943837bf5cae82779 Mon Sep 17 00:00:00 2001 From: Aleksander Machniak Date: Tue, 5 Nov 2013 11:20:14 +0100 Subject: Keep all security rules in one place, support Apache 2.4 syntax --- .htaccess | 20 ++++++++++++++------ config/.htaccess | 2 -- logs/.htaccess | 2 -- program/.htaccess | 4 ---- temp/.htaccess | 2 -- 5 files changed, 14 insertions(+), 16 deletions(-) delete mode 100644 config/.htaccess delete mode 100644 logs/.htaccess delete mode 100644 program/.htaccess delete mode 100644 temp/.htaccess diff --git a/.htaccess b/.htaccess index 10af3094e..43ab5b04f 100644 --- a/.htaccess +++ b/.htaccess @@ -26,17 +26,25 @@ php_value session.gc_probability 1 RewriteEngine On RewriteRule ^favicon\.ico$ skins/larry/images/favicon.ico + # security rules -RewriteRule \.git - [F] -RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ - [NC,F] -RewriteRule ^/?(SQL|bin) - [NC,F] +RewriteRule ^/?(\.git|SQL|bin|config|logs|temp|tests|program\/(include|lib|localization|steps)) - [F] +RewriteRule /?(README(.md)?|composer\.json-dist|composer\.json|package\.xml)$ - [F] # deny access to all files not containing a "." (dot) -# to block access to different README, ChangeLog, etc. files -# of various skins and plugins. +# to block access to different README, Changelog, INSTALL, etc. +# files of various skins and plugins. -Deny from all + # Apache 2.4 + + Require all denied + + # Apache 2.2 + + Order Allow,Deny + Deny from all + diff --git a/config/.htaccess b/config/.htaccess deleted file mode 100644 index 8e6a345dc..000000000 --- a/config/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -Order allow,deny -Deny from all \ No newline at end of file diff --git a/logs/.htaccess b/logs/.htaccess deleted file mode 100644 index 8e6a345dc..000000000 --- a/logs/.htaccess +++ /dev/null @@ -1,2 +0,0 @@ -Order allow,deny -Deny from all \ No newline at end of file diff --git a/program/.htaccess b/program/.htaccess deleted file mode 100644 index be9e7e25a..000000000 
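Review bot: The two consolidated `RewriteRule` lines in the `.htaccess` hunk end in `[F]` only, while two of the rules they replace used `[NC,F]`. The deleted per-directory files applied whatever case the URL used, so on a case-insensitive filesystem a request such as `/Config/` or `/LOGS/` no longer matches `^/?(\.git|SQL|bin|config|logs|temp|...)` and is served; `[NC,F]` on both new rules closes that gap. Protection of `config/`, `logs/` and `temp/` now also depends on mod_rewrite, where the deleted files used a plain `Deny from all`. If these rules sit inside an `<IfModule mod_rewrite.c>` wrapper (not visible here, since the page appears to have lost its angle-bracket lines), a server without mod_rewrite skips them silently and the directories become readable, so I would keep the per-directory deny files and give them the same 2.2/2.4 pair (`Require all denied` / `Deny from all`) this hunk adds. The `program/` rule also changes from an allowlist (`!^(js|resources)`) to four named subdirectories, so any directory added under `program/` later is exposed by default.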
--- a/program/.htaccess
+++ /dev/null
@@ -1,4 +0,0 @@
-
-RewriteEngine On
-RewriteRule !^(js|resources) - [F]
-
diff --git a/temp/.htaccess b/temp/.htaccess
deleted file mode 100644
index 8e6a345dc..000000000
--- a/temp/.htaccess
+++ /dev/null
@@ -1,2 +0,0 @@
-Order allow,deny
-Deny from all
\ No newline at end of file
-- cgit v1.2.3