[FIX] security fix: block access to git repo
This commit is contained in:
parent
e4b323e39d
commit
b4546b5ceb
10
.htaccess
10
.htaccess
|
|
@ -10,8 +10,8 @@ RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]
|
|||
|
||||
# block all files in the site folder from being accessed directly
|
||||
# except for requests to plugin assets files
|
||||
#RewriteRule ^assets/plugins/([a-zA-Z0-9\.\-_%=]+)/(.*)$ site/plugins/$1/assets/$2 [L,N]
|
||||
#RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*
|
||||
RewriteRule ^assets/plugins/([a-zA-Z0-9\.\-_%=]+)/(.*)$ site/plugins/$1/assets/$2 [L,N]
|
||||
RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*
|
||||
RewriteRule ^site/(.*) index.php [L]
|
||||
|
||||
# block direct access to kirby and the panel sources
|
||||
|
|
@ -33,6 +33,12 @@ RewriteRule ^(.*) index.php [L]
|
|||
# block update scripts
|
||||
RewriteRule ^(.*).sh$ error [R=301,L]
|
||||
|
||||
# block git repo
|
||||
RewriteRule ^.git/(.*) error [R=301,L]
|
||||
RewriteRule ^.gitattributes error [R=301,L]
|
||||
RewriteRule ^.gitignore error [R=301,L]
|
||||
RewriteRule ^.gitmodules error [R=301,L]
|
||||
|
||||
|
||||
# enable gzip compressed transfer
|
||||
<IfModule mod_deflate.c>
|
||||
|
|
|
|||
Loading…
Reference in a new issue