mirror of
https://github.com/humhub/humhub.git
synced 2025-01-17 14:18:27 +01:00
41 lines
1.1 KiB
Plaintext
41 lines
1.1 KiB
Plaintext
# check if RewriteModule is availbale
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine on
|
|
|
|
# uncomment if you're using a subdomain example: http://yourdomain.com/humhub
|
|
#RewriteBase /subdomain
|
|
|
|
# uncomment to force https requests
|
|
#RewriteCond %{HTTPS} !=on
|
|
#RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/[0-9a-zA-Z_-]+$ [NC]
|
|
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
|
|
|
# prevent httpd from serving dotfiles (.htaccess, .svn, .git, etc.) - except let's encrypt challenge
|
|
RedirectMatch 403 ^/?\.(?!/well-known/acme-challenge/[\w-]{43}$)
|
|
|
|
RewriteCond %{REQUEST_URI}::$1 ^(/.+)/(.*)::\2$
|
|
RewriteRule ^(.*) - [E=BASE:%1]
|
|
|
|
# Sets the HTTP_AUTHORIZATION header removed by apache
|
|
RewriteCond %{HTTP:Authorization} .
|
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
|
|
RewriteCond %{REQUEST_FILENAME} -f
|
|
RewriteRule .? - [L]
|
|
|
|
RewriteRule .? %{ENV:BASE}/index.php [L]
|
|
|
|
</IfModule>
|
|
|
|
# Config files from vendor should not be readable via browser
|
|
<FilesMatch "composer.json">
|
|
Order Allow,Deny
|
|
Deny from All
|
|
</FilesMatch>
|
|
|
|
<FilesMatch "composer.lock">
|
|
Order Allow,Deny
|
|
Deny from All
|
|
</FilesMatch>
|