htaccess: prevent accessing resources not managed by SCM
authorVirtualTam <virtualtam@flibidi.net>
Sat, 20 Jan 2018 15:20:53 +0000 (16:20 +0100)
committerVirtualTam <virtualtam@flibidi.net>
Sun, 25 Mar 2018 17:41:39 +0000 (19:41 +0200)
See:
- https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/
- https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing
- https://httpd.apache.org/docs/current/mod/mod_rewrite.html

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
.htaccess

index 66ef8f69ce39e127dc266c9ab3727c4b8be4f9fa..19dd72a805e7b3bd170c87aabb25ad4764ca179a 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -1,4 +1,12 @@
+# Disable directory listing
+Options -Indexes
+
 RewriteEngine On
+
+# Prevent accessing subdirectories not managed by SCM
+RewriteRule ^(.git|doxygen|vendor) - [F]
+
+# REST API
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
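Review bot: The pattern in `RewriteRule ^(.git|doxygen|vendor) - [F]` is looser than its comment says: the `.` is unescaped, so it matches any character, and with no trailing boundary the rule also forbids any path that merely begins with one of these names (for instance a file named `vendor.css`, a constructed example). I would write it as `RewriteRule ^(\.git|doxygen|vendor)(/|$) - [F]`, which still denies each directory and everything beneath it. Separately, `Options -Indexes` in a .htaccess is only accepted when the server's AllowOverride permits Options, and the deny rule only takes effect where .htaccess files are honoured and mod_rewrite is loaded. A short comment stating those requirements would help, because on a server that ignores this file the three directories stay reachable.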