mirror of
https://github.com/silverstripe/silverstripe-cms
synced 2024-10-22 08:05:56 +02:00
BUGFIX Disallow web access to cms/silverstripe_version to avoid information leakage (from r114770)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/branches/2.3@114772 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
parent
d3906c93f5
commit
f3d1b0d08c
@ -1,3 +1,6 @@
|
||||
<Files *.php>
|
||||
<FilesMatch "\.(php|php3|php4|php5|phtml|inc)$">
|
||||
Deny from all
|
||||
</Files>
|
||||
</FilesMatch>
|
||||
<FilesMatch "silverstripe_version$">
|
||||
Deny from all
|
||||
</FilesMatch>
|
11
web.config
Normal file
11
web.config
Normal file
@ -0,0 +1,11 @@
|
||||
<configuration>
|
||||
<system.webServer>
|
||||
<security>
|
||||
<requestFiltering>
|
||||
<hiddenSegments>
|
||||
<add segment="silverstripe_version" />
|
||||
</hiddenSegments>
|
||||
</requestFiltering>
|
||||
</security>
|
||||
</system.webServer>
|
||||
</configuration>
|
Loading…
Reference in New Issue
Block a user