Skip to content

Commit

Permalink
BUGFIX Disallow web access to cms/silverstripe_version to avoid infor…
Browse files Browse the repository at this point in the history 
…mation leakage (from r114770)

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.4@114771 467b73ca-7a2a-4603-9d3b-597d59a354a9
  • Loading branch information
@chillu
chillu authored and Sam Minnee committed Feb 2, 2011
1 parent 375151c commit 357b868
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 0 deletions.
3 changes: 3 additions & 0 deletions .htaccess
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
<FilesMatch "\.(php|php3|php4|php5|phtml|inc)$">
Deny from all
</FilesMatch>
<FilesMatch "silverstripe_version$">
Deny from all
</FilesMatch>
11 changes: 11 additions & 0 deletions web.config
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
<configuration>
<system.webServer>
<security>
<requestFiltering>
<hiddenSegments>
<add segment="silverstripe_version" />
</hiddenSegments>
</requestFiltering>
</security>
</system.webServer>
</configuration>

0 comments on commit 357b868

Please sign in to comment.