-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy path.htaccess
54 lines (45 loc) · 1.46 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
# Database Web API
# @author Marco Cesarato <[email protected]>
# @copyright Copyright (c) 2018
# @license http://opensource.org/licenses/gpl-3.0.html GNU Public License
# @link https://github.com/marcocesarato/Database-Web-API
<IfModule mod_rewrite.c>
RewriteEngine On
Options +FollowSymlinks
Options +SymLinksIfOwnerMatch
Options -MultiViews
RewriteBase /
RewriteCond $0#%{REQUEST_URI} ([^#]*)#(.*)\1$
RewriteRule ^.*$ - [E=CWD:%2]
# Deny some methods
RewriteCond %{REQUEST_METHOD} ^(TRACE|OPTIONS)
RewriteRule .* – [L,F]
RewriteRule .*\.(git|svn|hg).* %{ENV:CWD}index.php [L] # Deny access repo folder
RewriteRule ^(config|composer|docs|.*\.([Hh][Tt][Aa])).* %{ENV:CWD}index.php [L] # Deny access
RewriteRule ^(vendor|hooks|plugins|logs|screenshot|screenshots|screens|docs|documentation|clients)/((.*)\.php)?$ %{ENV:CWD}index.php [L] # Forbidden
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . %{ENV:CWD}index.php [L,QSA]
</IfModule>
# File protection
<Files ~ "^(config|config\.(.*))\.php">
Order Allow,Deny
Deny from all
</Files>
<Files ~ "^(composer)\.(.*)">
Order Allow,Deny
Deny from all
</Files>
<Files ~ "^.*\.([Hh][Tt][Aa])">
Order Allow,Deny
Deny from all
Satisfy all
</Files>
<Files ~ "\.sqlite$">
Order Allow,Deny
Deny from All
</Files>
<FilesMatch "\.(log|md|backup|bak|bk|old|o|zip|tar|gz|rar)$">
Order Allow,Deny
Deny from All
</FilesMatch>