htaccess: prevent accessing resources not managed by SCM

See: - https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/ - https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing - https://httpd.apache.org/docs/current/mod/mod_rewrite.html Signed-off-by: VirtualTam <virtualtam@flibidi.net>
author: VirtualTam <virtualtam@flibidi.net> 2018-01-20 16:20:53 +0100
committer: VirtualTam <virtualtam@flibidi.net> 2018-03-25 19:41:39 +0200
commit: 4c2f51256f2c914a10c0c7aa59311c5862d2a480 (patch)
tree: 7c6657c2998adbdd15c1fa0a70383fb8bfc9820b
parent: 06ca7c102ba058d99f19e614023c539dbdb58b36 (diff)
download: Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.tar.gz
Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.tar.zst
Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/.htaccess b/.htaccess
index 66ef8f69..19dd72a8 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,4 +1,12 @@
+# Disable directory listing
+Options -Indexes
 RewriteEngine On
+# Prevent accessing subdirectories not managed by SCM
+RewriteRule ^(.git|doxygen|vendor) - [F]
+# REST API
 RewriteCond %{REQUEST_FILENAME} !-f
 RewriteCond %{REQUEST_FILENAME} !-d
 RewriteRule ^ index.php [QSA,L]
author	VirtualTam <virtualtam@flibidi.net>	2018-01-20 16:20:53 +0100
committer	VirtualTam <virtualtam@flibidi.net>	2018-03-25 19:41:39 +0200
commit	4c2f51256f2c914a10c0c7aa59311c5862d2a480 (patch)
tree	7c6657c2998adbdd15c1fa0a70383fb8bfc9820b
parent	06ca7c102ba058d99f19e614023c539dbdb58b36 (diff)
download	Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.tar.gz Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.tar.zst Shaarli-4c2f51256f2c914a10c0c7aa59311c5862d2a480.zip

diff --git a/.htaccess b/.htaccess index 66ef8f69..19dd72a8 100644 --- a/.htaccess +++ b/.htaccess
@@ -1,4 +1,12 @@
		1	# Disable directory listing
		2	Options -Indexes
		3
1	RewriteEngine On	4	RewriteEngine On
		5
		6	# Prevent accessing subdirectories not managed by SCM
		7	RewriteRule ^(.git\|doxygen\|vendor) - [F]
		8
		9	# REST API
2	RewriteCond %{REQUEST_FILENAME} !-f	10	RewriteCond %{REQUEST_FILENAME} !-f
3	RewriteCond %{REQUEST_FILENAME} !-d	11	RewriteCond %{REQUEST_FILENAME} !-d
4	RewriteRule ^ index.php [QSA,L]	12	RewriteRule ^ index.php [QSA,L]