mirror of
https://github.com/silverstripe/silverstripe-framework
synced 2024-10-22 14:05:37 +02:00
Improve .htaccess commenting
Done alongside improvements of the execution-pipeline.md docs. Installer comment taken from d5723f7.
This commit is contained in:
parent
646a57c324
commit
5babab81ee
@ -1496,24 +1496,26 @@ HTML;
|
||||
else $baseClause = "";
|
||||
$modulePath = FRAMEWORK_NAME;
|
||||
$rewrite = <<<TEXT
|
||||
# Deny access to templates (but allow from localhost)
|
||||
<Files *.ss>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.1
|
||||
</Files>
|
||||
|
||||
# Deny access to IIS configuration
|
||||
<Files web.config>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
# This denies access to all yml files, since developers might include sensitive
|
||||
# information in them. See the docs for work-arounds to serve some yaml files
|
||||
# Deny access to YAML configuration files which might include sensitive information
|
||||
<Files *.yml>
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
</Files>
|
||||
|
||||
# Route errors to static pages automatically generated by SilverStripe
|
||||
ErrorDocument 404 /assets/error-404.html
|
||||
ErrorDocument 500 /assets/error-500.html
|
||||
|
||||
@ -1522,10 +1524,13 @@ ErrorDocument 500 /assets/error-500.html
|
||||
RewriteEngine On
|
||||
$baseClause
|
||||
|
||||
# Deny access to potentially sensitive files and folders
|
||||
RewriteRule ^vendor(/|$) - [F,L,NC]
|
||||
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
|
||||
RewriteRule composer\.(json|lock) - [F,L,NC]
|
||||
|
||||
# Process through SilverStripe if no file with the requested name exists.
|
||||
# Pass through the original path as a query parameter, and retain the existing parameters.
|
||||
RewriteCond %{REQUEST_URI} ^(.*)$
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteRule .* $modulePath/main.php?url=%1 [QSA]
|
||||
|
Loading…
Reference in New Issue
Block a user