From b4546b5ceb0f8f60b0b1843e54ba55189595a9bd Mon Sep 17 00:00:00 2001
From: Jannik Beyerstedt
Date: Mon, 20 Aug 2018 13:19:37 +0200
Subject: [PATCH] [FIX] security fix: block access to git repo
---
 .htaccess | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/.htaccess b/.htaccess
index 79dbcfd..84d2441 100644
--- a/.htaccess
+++ b/.htaccess
@@ -10,8 +10,8 @@ RewriteRule ^content/(.*)\.(txt|md|mdown)$ index.php [L]
 # block all files in the site folder from being accessed directly
 # except for requests to plugin assets files
-#RewriteRule ^assets/plugins/([a-zA-Z0-9\.\-_%=]+)/(.*)$ site/plugins/$1/assets/$2 [L,N]
-#RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*
+RewriteRule ^assets/plugins/([a-zA-Z0-9\.\-_%=]+)/(.*)$ site/plugins/$1/assets/$2 [L,N]
+RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*
 RewriteRule ^site/(.*) index.php [L]
 # block direct access to kirby and the panel sources
@@ -33,6 +33,12 @@ RewriteRule ^(.*) index.php [L]
 # block update scripts
 RewriteRule ^(.*).sh$ error [R=301,L]
+# block git repo
+RewriteRule ^.git/(.*) error [R=301,L]
+RewriteRule ^.gitattributes error [R=301,L]
+RewriteRule ^.gitignore error [R=301,L]
+RewriteRule ^.gitmodules error [R=301,L]
+
 # enable gzip compressed transfer
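Review bot: In the first hunk, the re-enabled `RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*` exempts every path under a plugin's `assets/` directory from the `^site/(.*)` block, whatever the file type. If a plugin ever ships a script or config file there, it would be served or executed directly instead of being routed to `index.php`. Limiting the exemption to static types is safer, for example `RewriteCond $1 !^plugins/[a-zA-Z0-9\.\-_%=]+/assets/.*\.(css|js|png|jpe?g|gif|svg|woff2?)$` (the extension list is illustrative). The subject line only mentions the git block, so this widening of direct access deserves its own line in the commit message.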