Skip to content

Commit

Permalink
Improve directory protection for Apache 2.4
Browse files Browse the repository at this point in the history
  • Loading branch information
@thomascube
thomascube committed May 7, 2015
1 parent 012555c commit 585ee9e
Show file tree
Hide file tree
Showing 4 changed files with 24 additions and 3 deletions.
6 changes: 6 additions & 0 deletions INSTALL
View file
Expand Up @@ -169,6 +169,12 @@ rewrite rules. In order to properly secure your installation, please enable
mod_rewrite for Apache webserver and double check access to the above listed
directories and their contents is denied.

NOTE: In Apache 2.4, support for .htaccess files has been disabled by
default. Therefore you first need to enable this in your Apache main or
virtual host config by with:

AllowOverride all


UPGRADING
=========
Expand Down
7 changes: 6 additions & 1 deletion config/.htaccess
View file
@@ -1,2 +1,7 @@
# deny webserver access to this directory
Deny from all
<ifModule mod_authz_core.c>
Require all denied
</ifModule>
<ifModule !mod_authz_core.c>
Deny from all
</ifModule>
7 changes: 6 additions & 1 deletion logs/.htaccess
View file
@@ -1,2 +1,7 @@
# deny webserver access to this directory
Deny from all
<ifModule mod_authz_core.c>
Require all denied
</ifModule>
<ifModule !mod_authz_core.c>
Deny from all
</ifModule>
7 changes: 6 additions & 1 deletion temp/.htaccess
View file
@@ -1,2 +1,7 @@
# deny webserver access to this directory
Deny from all
<ifModule mod_authz_core.c>
Require all denied
</ifModule>
<ifModule !mod_authz_core.c>
Deny from all
</ifModule>

0 comments on commit 585ee9e

Please sign in to comment.