aboutsummaryrefslogtreecommitdiffstats
path: root/.htaccess
blob: 4c1d2c82c300b5b18af3f40acff30c8514adad2f (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
Options -Indexes
AddType application/x-java-archive .jar
AddType audio/ogg .oga
#SSLCipherSuite HIGH:AES256-SHA:AES128-SHA:RC4:!aNULL:!eNULL:!EDH

# don't allow any web access to logfiles, even after rotation/compression
<FilesMatch "\.(out|log|gz)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order deny,allow
    Deny from all
  </IfModule>
</FilesMatch>

<IfModule mod_rewrite.c>
  RewriteEngine on
  # Protect repository directory from browsing
  RewriteRule "(^|/)\.git" - [F]
  RewriteRule "(^|/)store" - [F]

  # Rewrite current-style URLs of the form 'index.php?q=x'.
  # Also place auth information into REMOTE_USER for sites running
  # in CGI mode.

  RewriteCond %{REQUEST_URI} ^/\.well\-known/.*
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)$ index.php?q=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
</IfModule>