2010-11-18 06:08:12 +01:00
|
|
|
#
|
|
|
|
# Whitelist appropriate assets files.
|
|
|
|
# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
|
|
|
|
#
|
|
|
|
# If you are not using Apache then you can ignore this file.
|
|
|
|
# If you are using IIS then you should look at assets/web.config instead.
|
|
|
|
#
|
|
|
|
# To add an extension to the list, you need to put another string of the form "ext|" on the
|
|
|
|
# FilesMatch line, inside the parentheses.
|
|
|
|
#
|
|
|
|
# For example, to add *.exe files to list of downloadable assets, change this line:
|
|
|
|
#
|
|
|
|
# <FilesMatch "\.(html|htm|xhtml...
|
|
|
|
#
|
|
|
|
# To this:
|
|
|
|
#
|
|
|
|
# <FilesMatch "\.(exe|html|htm|xhtml...
|
|
|
|
#
|
|
|
|
# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
|
|
|
|
# directory.
|
|
|
|
#
|
|
|
|
Deny from all
|
|
|
|
<FilesMatch "\.(html|htm|xhtml|js|css|bmp|png|gif|jpg|jpeg|ico|pcx|tif|tiff|au|mid|midi|mpa|mp3|ogg|m4a|ra|wma|wav|cda|avi|mpg|mpeg|asf|wmv|m4v|mov|mkv|mp4|swf|flv|ram|rm|doc|docx|txt|rtf|xls|xlsx|pages|ppt|pptx|pps|csv|cab|arj|tar|zip|zipx|sit|sitx|gz|tgz|bz2|ace|arc|pkg|dmg|hqx|jar|xml|pdf)$">
|
|
|
|
Allow from all
|
|
|
|
</FilesMatch>
|
|
|
|
|
|
|
|
# We disable PHP via several methods
|
|
|
|
# Replace the handler with the default plaintext handler
|
|
|
|
AddHandler default-handler php phtml php3 php4 php5 inc
|
|
|
|
|
|
|
|
<IfModule mod_php5.c>
|
|
|
|
# Turn the PHP engine off
|
|
|
|
php_flag engine off
|
|
|
|
</IfModule>
|