diff --git a/.htaccess b/.htaccess
index aa65e8f..132464b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -10,11 +10,20 @@
Deny from all
+# This denies access to all yml files, since developers might include sensitive
+# information in them. See the docs for work-arounds to serve some yaml files
+
+ Order allow,deny
+ Deny from all
+
+
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
RedirectMatch 403 /silverstripe-cache(/|$)
+ RedirectMatch 403 /vendor(/|$)
+ RedirectMatch 403 /composer\.(json|lock)
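Review bot: The two added `RedirectMatch 403` patterns are case-sensitive and unanchored, which leaves a gap on one side and an over-match on the other. On a case-insensitive filesystem a request path in a different case would not match and the file would still be served, so I would fold case: `RedirectMatch 403 (?i)/vendor(/|$)` and `RedirectMatch 403 (?i)/composer\.(json|lock)`. Because the pattern matches anywhere in the path, a routed page whose URL contains a `vendor` segment is refused too. If leaving it unanchored is deliberate (for example to support subdirectory installs), say so in a comment such as `# Matches at any depth; CMS pages must not use "vendor" as a URL segment`. The new yml block uses the 2.2-style `Order allow,deny` / `Deny from all` like the existing context line, which on Apache 2.4 appears to depend on mod_access_compat being loaded.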
@@ -23,6 +32,7 @@ ErrorDocument 500 /assets/error-500.html
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
+ RewriteCond %{REQUEST_URI} !\.php$
RewriteRule .* framework/main.php?url=%1 [QSA]
RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$
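Review bot: The added `RewriteCond %{REQUEST_URI} !\.php$` has no comment explaining why `.php` requests are kept away from `framework/main.php`, so a later maintainer cannot tell whether it is a security control or can be dropped. Together with the `!-f` condition above it, it stops requests for non-existent `*.php` files from being rewritten to the framework, and I would state that directly: `# Never route requests for missing *.php files through the framework; they fall through to the rules below`. The test is case-sensitive, so if the server maps other casings of the extension to the PHP handler, adding `[NC]` would keep the behaviour uniform. The rewrite block starts and ends outside this hunk, so what happens to such requests afterwards is not visible here.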
diff --git a/mysite/_config.php b/mysite/_config.php
index 92f5022..c577542 100644
--- a/mysite/_config.php
+++ b/mysite/_config.php
@@ -1,18 +1,12 @@
-
-
+
sanitychecks
diff --git a/web.config b/web.config
index a04afa1..56df27f 100644
--- a/web.config
+++ b/web.config
@@ -1,5 +1,18 @@
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file