githubFork/roundcubemail.git

githubFork / roundcubemail

Roundcubemail devel

summary
reflog
commits
tree
docs
forks
compare

parent: 85a61738 | patch | commit | ignore whitespace

improve .htaccess security rules:

Raoul Bhatia

2012-05-23 b332e799b4840ff6d83c6e3730dd256ce493d79b

improve .htaccess security rules:

1. also prevent access to .gitignore
2. make the second security rule work as expected
3. include README.md in security rules

1 files modified

.htaccess

4 ●●●●● patch | view | raw | blame | history

 .htaccess

@@ -30,8 +30,8 @@
RewriteEngine On
RewriteRule ^favicon\.ico$ skins/default/images/favicon.ico
# security rules
RewriteRule .git/ - [F]
RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
RewriteRule .git - [F]
RewriteRule ^/?(README(.md)?|INSTALL|LICENSE|SQL|bin|CHANGELOG)$ - [F]
</IfModule>

<IfModule mod_deflate.c>

			@@ -30,8 +30,8 @@
			RewriteEngine On
			RewriteRule ^favicon\.ico$ skins/default/images/favicon.ico
			# security rules
			RewriteRule .git/ - [F]
			RewriteRule ^README\|INSTALL\|LICENSE\|SQL\|bin\|CHANGELOG$ - [F]
			RewriteRule .git - [F]
			RewriteRule ^/?(README(.md)?\|INSTALL\|LICENSE\|SQL\|bin\|CHANGELOG)$ - [F]
			</IfModule>

			<IfModule mod_deflate.c>