htaccess: prevent accessing resources not managed by SCM
See: - https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/ - https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing - https://httpd.apache.org/docs/current/mod/mod_rewrite.html Signed-off-by: VirtualTam <virtualtam@flibidi.net>
This commit is contained in:
parent
06ca7c102b
commit
4c2f51256f
1 changed files with 8 additions and 0 deletions
|
@ -1,4 +1,12 @@
|
||||||
|
# Disable directory listing
|
||||||
|
Options -Indexes
|
||||||
|
|
||||||
RewriteEngine On
|
RewriteEngine On
|
||||||
|
|
||||||
|
# Prevent accessing subdirectories not managed by SCM
|
||||||
|
RewriteRule ^(.git|doxygen|vendor) - [F]
|
||||||
|
|
||||||
|
# REST API
|
||||||
RewriteCond %{REQUEST_FILENAME} !-f
|
RewriteCond %{REQUEST_FILENAME} !-f
|
||||||
RewriteCond %{REQUEST_FILENAME} !-d
|
RewriteCond %{REQUEST_FILENAME} !-d
|
||||||
RewriteRule ^ index.php [QSA,L]
|
RewriteRule ^ index.php [QSA,L]
|
||||||
|
|
Loading…
Reference in a new issue