aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.htaccess11
-rw-r--r--util/.htaccess11
-rw-r--r--view/.htaccess10
3 files changed, 23 insertions, 9 deletions
diff --git a/.htaccess b/.htaccess
index 39fd89e04..7f3935117 100644
--- a/.htaccess
+++ b/.htaccess
@@ -5,7 +5,13 @@ AddType audio/ogg .oga
# don't allow any web access to logfiles, even after rotation/compression
<FilesMatch "\.(out|log|gz)$">
-Deny from all
+ <IfModule mod_authz_core.c>
+ Require all denied
+ </IfModule>
+ <IfModule !mod_authz_core.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
</FilesMatch>
<IfModule mod_rewrite.c>
@@ -14,7 +20,6 @@ Deny from all
RewriteRule "(^|/)\.git" - [F]
RewriteRule "(^|/)store" - [F]
-
# Rewrite current-style URLs of the form 'index.php?q=x'.
# Also place auth information into REMOTE_USER for sites running
# in CGI mode.
@@ -22,6 +27,4 @@ Deny from all
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
-
</IfModule>
-
diff --git a/util/.htaccess b/util/.htaccess
index b311c14c2..a0a0d72d9 100644
--- a/util/.htaccess
+++ b/util/.htaccess
@@ -1,5 +1,10 @@
Options -Indexes
-# Remove the following line or modify it to run the string translator utility
-Deny from all
-
+# Remove the following lines or modify it to run the string translator utility
+<IfModule mod_authz_core.c>
+ Require all denied
+</IfModule>
+<IfModule !mod_authz_core.c>
+ Order deny,allow
+ Deny from all
+</IfModule>
diff --git a/view/.htaccess b/view/.htaccess
index 559a5fcc0..7aa6c4506 100644
--- a/view/.htaccess
+++ b/view/.htaccess
@@ -1,3 +1,9 @@
<FilesMatch "\.tpl">
-Deny from all
-</FilesMatch> \ No newline at end of file
+ <IfModule mod_authz_core.c>
+ Require all denied
+ </IfModule>
+ <IfModule !mod_authz_core.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</FilesMatch>