Deny access to dot files and folders

2018-05-04 03:57:48 +02:00 · 2018-05-04 03:57:48 +02:00 · 979701668d
parent 61bf3af041
commit 979701668d
1 changed files with 4 additions and 3 deletions
--- a/.htaccess
+++ b/.htaccess
@ -45,9 +45,10 @@ ErrorDocument 500 /assets/error-500.html
 	
 	# Deny access to potentially sensitive files and folders
 	RewriteRule ^vendor(/|$) - [F,L,NC]
-	RewriteRule silverstripe-cache(/|$) - [F,L,NC]
-	RewriteRule composer\.(json|lock) - [F,L,NC]
-	
+	RewriteRule ^silverstripe-cache(/|$) - [F,L,NC]
+	RewriteRule ^composer\.(json|lock)$ - [F,L,NC]
+	RewriteRule ^\. - [F,L,NC]
+
 	# Process through SilverStripe if no file with the requested name exists.
 	# Pass through the original path as a query parameter, and retain the existing parameters.
 	RewriteCond %{REQUEST_URI} ^(.*)$