.htaccess

   1 # Disable directory listing
   2 Options -Indexes
   3
   4 RewriteEngine On
   5
   6 # Prevent accessing subdirectories not managed by SCM
   7 RewriteRule ^(.git|doxygen|vendor) - [F]
   8
   9 # Forward the "Authorization" HTTP header
  10 # fixes JWT token not correctly forwarded on some Apache/FastCGI setups
  11 RewriteCond %{HTTP:Authorization} ^(.*)
  12 RewriteRule .* - [e=HTTP_AUTHORIZATION:%1]
  13 # Alternative (if the 2 lines above don't work)
  14 # SetEnvIf Authorization .+ HTTP_AUTHORIZATION=$0
  15
  16 # REST API
  17 # Ionos Hosting needs RewriteBase /
  18 # RewriteBase /
  19 RewriteCond %{REQUEST_FILENAME} !-f
  20 RewriteCond %{REQUEST_FILENAME} !-d
  21 RewriteRule ^ index.php [QSA,L]
  22
  23 <LimitExcept GET POST PUT DELETE PATCH OPTIONS>
  24   <IfModule version_module>
  25     <IfVersion >= 2.4>
  26        Require all denied
  27     </IfVersion>
  28     <IfVersion < 2.4>
  29        Allow from none
  30        Deny from all
  31     </IfVersion>
  32   </IfModule>
  33
  34   <IfModule !version_module>
  35     Require all denied
  36   </IfModule>
  37 </LimitExcept>