htaccess: prevent accessing resources not managed by SCM
See: - https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/ - https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing - https://httpd.apache.org/docs/current/mod/mod_rewrite.html Signed-off-by: VirtualTam <virtualtam@flibidi.net>
This commit is contained in:
VirtualTam
parent
91f17fc92a
commit
cabf1b6bec
1 changed files with 8 additions and 0 deletions
|
|
@ -1,4 +1,12 @@
|
|||
# Disable directory listing
|
||||
Options -Indexes
|
||||
|
||||
RewriteEngine On
|
||||
|
||||
# Prevent accessing subdirectories not managed by SCM
|
||||
RewriteRule ^(.git|doxygen|vendor) - [F]
|
||||
|
||||
# REST API
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule ^ index.php [QSA,L]
|
||||
|
|
|
|||
Loading…
Reference in a new issue