mirror_php/humhub
1
0
Fork 0
mirror of https://github.com/humhub/humhub.git synced 2025-01-17 22:28:51 +01:00
Code Issues Projects Releases Wiki Activity

[security] Update .htaccess

Browse Source 
Access to composer files should not be world readable as a malicious user could find information on outdated libraries.
This commit is contained in:
James 2017-02-06 22:26:13 +01:00 committed by GitHub
parent a1208b3a15
commit 879345414e
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.htaccess.dist
View File

@ -18,3 +18,14 @@ RewriteRule .? - [L]
RewriteRule .? %{ENV:BASE}/index.php [L] RewriteRule .? %{ENV:BASE}/index.php [L]
</IfModule> </IfModule>
# Config files from vendor should not be readable via browser
<FilesMatch "composer.json">
Order Allow,Deny
Deny from All
</FilesMatch>
<FilesMatch "composer.lock">
Order Allow,Deny
Deny from All
</FilesMatch>