Pico/.htaccess
Daniel Rudolf e517eac396
Improve .htaccess regex
Deny access to all dot files and dirs by default (except .well-known)

Update nginx rules accordingly and pass denied requests to Pico rather than letting nginx send a 404 response
2017-12-24 13:58:42 +01:00

23 lines
736 B
ApacheConf

<IfModule mod_rewrite.c>
RewriteEngine On
# May be required to access sub directories
#RewriteBase /
# Deny access to internal dirs and files by passing the URL to Pico
RewriteRule ^(config|content|content-sample|lib|vendor)(/|$) index.php [L]
RewriteRule ^(CHANGELOG\.md|composer\.(json|lock))(/|$) index.php [L]
RewriteRule (^\.|/\.)(?!well-known(/|$)) index.php [L]
# Enable URL rewriting
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [L]
<IfModule mod_env.c>
# Let Pico know about available URL rewriting
SetEnv PICO_URL_REWRITING 1
</IfModule>
</IfModule>
# Prevent file browsing
Options -Indexes -MultiViews