e517eac396
Deny access to all dot files and dirs by default (except .well-known) Update nginx rules accordingly and pass denied requests to Pico rather than letting nginx send a 404 response
23 lines
736 B
ApacheConf
23 lines
736 B
ApacheConf
<IfModule mod_rewrite.c>
|
|
RewriteEngine On
|
|
# May be required to access sub directories
|
|
#RewriteBase /
|
|
|
|
# Deny access to internal dirs and files by passing the URL to Pico
|
|
RewriteRule ^(config|content|content-sample|lib|vendor)(/|$) index.php [L]
|
|
RewriteRule ^(CHANGELOG\.md|composer\.(json|lock))(/|$) index.php [L]
|
|
RewriteRule (^\.|/\.)(?!well-known(/|$)) index.php [L]
|
|
|
|
# Enable URL rewriting
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^ index.php [L]
|
|
|
|
<IfModule mod_env.c>
|
|
# Let Pico know about available URL rewriting
|
|
SetEnv PICO_URL_REWRITING 1
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
# Prevent file browsing
|
|
Options -Indexes -MultiViews
|