47 lines
1.4 KiB
ApacheConf
47 lines
1.4 KiB
ApacheConf
### SILVERSTRIPE START ###
|
|
|
|
# Deny access to templates (but allow from localhost)
|
|
<Files *.ss>
|
|
Require ip 127.0.0.1
|
|
</Files>
|
|
|
|
# Deny access to IIS configuration
|
|
<Files web.config>
|
|
Require all denied
|
|
</Files>
|
|
|
|
# Deny access to YAML configuration files which might include sensitive information
|
|
<Files ~ "\.ya?ml$">
|
|
Require all denied
|
|
</Files>
|
|
|
|
# Route errors to static pages automatically generated by SilverStripe
|
|
ErrorDocument 404 /assets/error-404.html
|
|
ErrorDocument 500 /assets/error-500.html
|
|
|
|
<IfModule mod_rewrite.c>
|
|
|
|
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
|
|
<IfModule mod_dir.c>
|
|
DirectoryIndex disabled
|
|
DirectorySlash On
|
|
</IfModule>
|
|
|
|
SetEnv HTTP_MOD_REWRITE On
|
|
RewriteEngine On
|
|
|
|
# Enable HTTP Basic authentication workaround for PHP running in CGI mode
|
|
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
|
|
|
|
# Deny access to potentially sensitive files and folders
|
|
RewriteRule ^vendor(/|$) - [F,L,NC]
|
|
RewriteRule ^\.env - [F,L,NC]
|
|
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
|
|
RewriteRule composer\.(json|lock) - [F,L,NC]
|
|
RewriteRule (error|silverstripe|debug)\.log - [F,L,NC]
|
|
|
|
# Process through SilverStripe if no file with the requested name exists.
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteRule .* index.php
|
|
</IfModule>
|
|
### SILVERSTRIPE END ###
|