Page Menu
Home
In-Portal Phabricator
Search
Configure Global Search
Log In
Files
F775801
in-portal
No One
Temporary
Actions
View File
Edit File
Delete File
View Transforms
Subscribe
Mute Notifications
Award Token
Flag For Later
Subscribers
None
File Metadata
Details
File Info
Storage
Attached
Created
Thu, Feb 6, 6:02 AM
Size
2 KB
Mime Type
text/x-diff
Expires
Sat, Feb 8, 6:02 AM (1 d, 11 h)
Engine
blob
Format
Raw Data
Handle
558314
Attached To
rINP In-Portal
in-portal
View Options
Index: branches/5.0.x/tools/.htaccess
===================================================================
--- branches/5.0.x/tools/.htaccess (revision 12974)
+++ branches/5.0.x/tools/.htaccess (revision 12975)
@@ -1,49 +1,57 @@
### File security
# Exclude direct access to tpl, tpl.xml, inc.php, sql extensions
#
<Files ~ "\.(tpl|tpl.xml|inc.php|sql)$">
order allow,deny
deny from all
</Files>
# Exclude direct access
<Files ~ "(config.php|debug.php)">
order allow,deny
deny from all
</Files>
## Enable mod-rewrite
RewriteEngine On
+###### Rewrite rule to force 'www.' prefix. Use only if needed
+# If your site can be accessed both with and without the 'www.' prefix,
+# use the following setting to redirect all users to access the site with the 'www.'
+# when they access without 'www.'. Uncomment and MAKE sure to adapt for your domain name
+#
+# RewriteCond %{HTTP_HOST} ^example\.com$ [NC]
+# RewriteRule ^(.*)$ http://www.example.com/$1 [L,R=301]
+
###### Rewrite rules to block common hacks
## If you experience problems comment out the operations listed below
## Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [OR]
## Block out any script that includes a <script> tag in URL
RewriteCond %{QUERY_STRING} (<|%3C).*script.*(>|%3E) [NC,OR]
## Block out any script trying to set a PHP GLOBALS variable via URL
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
## Block out any script trying to modify a _REQUEST variable via URL
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
## Send all blocked request to homepage with 403 Forbidden error!
RewriteRule ^(.*)$ index.php [F,L]
## Uncomment line below if FollowSymLinks option is not enabled
## by default in server configuration
#
# Options +FollowSymLinks
## Uncomment following line if your webserver's URL
## is not directly related to physical file paths.
## Update Your In-Portal Directory (just / for root)
#
# RewriteBase /
## In-Portal SEF URLs
#
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/ !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_URI} !\.(gif|jpg|png|js|css|ico|swf)$ [NC]
RewriteRule ^(.*) index.php?rewrite=on&_mod_rw_url_=$1 [QSA]
\ No newline at end of file
Event Timeline
Log In to Comment