Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F773764
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Sun, Feb 2, 9:42 PM
Size
2 KB
Mime Type
text/x-diff
Expires
Tue, Feb 4, 9:42 PM (3 h, 52 m)
Engine
blob
Format
Raw Data
Handle
556942
Attached To
rINP In-Portal
in-portal
View Options
Index: branches/5.1.x/tools/.htaccess
===================================================================
--- branches/5.1.x/tools/.htaccess (nonexistent)
+++ branches/5.1.x/tools/.htaccess (revision 13377)
@@ -0,0 +1,4 @@
+<Files ~ "\.(sh|php-dist)$">
+ order allow,deny
+ deny from all
+</Files>
\ No newline at end of file
Index: branches/5.1.x/.htaccess
===================================================================
--- branches/5.1.x/.htaccess (nonexistent)
+++ branches/5.1.x/.htaccess (revision 13377)
@@ -0,0 +1,57 @@
+### File security
+# Exclude direct access to tpl, tpl.xml, inc.php, sql extensions
+#
+<Files ~ "\.(tpl|tpl.xml|inc.php|sql)$">
+ order allow,deny
+ deny from all
+</Files>
+
+# Exclude direct access
+<Files ~ "(config.php|debug.php)">
+ order allow,deny
+ deny from all
+</Files>
+
+## Enable mod-rewrite
+RewriteEngine On
+
+###### Rewrite rule to force 'www.' prefix. Use only if needed
+# If your site can be accessed both with and without the 'www.' prefix,
+# use the following setting to redirect all users to access the site with the 'www.'
+# when they access without 'www.'. Uncomment and MAKE sure to adapt for your domain name
+#
+# RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
+# RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
+
+###### Rewrite rules to block common hacks
+## If you experience problems comment out the operations listed below
+## Block out any script trying to base64_encode crap to send via URL
+RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
+## Block out any script that includes a <script> tag in URL
+RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
+## Block out any script trying to set a PHP GLOBALS variable via URL
+RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
+## Block out any script trying to modify a _REQUEST variable via URL
+RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
+## Send all blocked request to homepage with 403 Forbidden error!
+RewriteRule ^(.*)$ index.php [F,L]
+
+## Uncomment line below if FollowSymLinks option is not enabled
+## by default in server configuration
+#
+# Options +FollowSymLinks
+
+## Uncomment following line if your webserver's URL
+## is not directly related to physical file paths.
+## Update Your In-Portal Directory (just / for root)
+#
+# RewriteBase /
+
+## In-Portal SEF URLs
+#
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME}/ !-f
+RewriteCond %{REQUEST_FILENAME}/index.php !-f
+RewriteCond %{REQUEST_FILENAME}/index.html !-f
+RewriteCond %{REQUEST_URI} !\.(gif|jpg|png|js|css|ico|swf)$ [NC]
+RewriteRule ^(.*) index.php?rewrite=on&_mod_rw_url_=$1 [QSA]
\ No newline at end of file
Event Timeline
Log In to Comment