Commit Graph

60 Commits

Author SHA1 Message Date
Damian Mooyman
f54ff29a02 API Remove BlockUntrustedIPs 2017-05-11 09:31:23 +12:00
Zauberfisch
d7834c5ae7 Block common log file names in .htaccess 2017-02-19 11:10:21 +00:00
Daniel Hensby
5d778fa2a5 Merge pull request #152 from open-sausages/pulls/4.0/disable-trailing-slash-redirect
Disable trailing slash redirect for dirs
2017-02-02 10:10:47 +00:00
Ingo Schommer
63948d8064 Disable trailing slash redirect for dirs
If you're running mod_dir on Apache, and create a route which matches a directory name
(such as 'framework'), "GET /framework" will result in a 301 to "/framework/?url=framework".
While the SilverStripe routing might decide to enforce trailing slash rules later,
Apache shouldn't have any business here.

The specific bug this fixes was redirecting "/graphql" to "/graphql/",
with the silverstripe/graphql module installed.

See https://httpd.apache.org/docs/current/mod/mod_dir.html#directoryslash
2017-02-02 21:03:09 +13:00
Daniel Hensby
06b475896d
NEW Add .env support 2017-02-01 11:26:46 +00:00
Damian Mooyman
d467b16bf2 Ensure BlockUntrustedProxyHeaders is enabled by default 2015-06-02 12:29:23 +12:00
Damian Mooyman
e759ffbcdc Enforce trusted proxy servers 2015-05-28 10:03:42 +12:00
Daniel Hensby
066fd84452 FIX Requests to root dir circumvent index.php
fixes #58
2015-02-16 16:36:23 +00:00
Corey Sewell
9b2b0b5c31 Fix #80 2015-01-20 13:28:05 +13:00
Damian Mooyman
4d8ab05f90 Revert #78
Fixes #79
2015-01-12 17:38:50 +13:00
Corey Sewell
b2ee11a7be Add rewrite rule to enable Basic auithentication workaround for PHP running in CGI mode
See https://github.com/silverstripe/silverstripe-framework/pull/3689
2014-12-09 07:36:46 +13:00
Ingo Schommer
e1649cf74f Improve .htaccess commenting
Done alongside improvements of the execution-pipeline.md docs.
Installer comment taken from d5723f7b0e
2014-11-19 08:31:04 +13:00
Simon Welsh
91d79860bd Don't block rewriting .php URLs 2014-08-16 22:01:27 +10:00
colymba
aa07a0edd8 BUGFIX #34 Only block root vendor folder
Use RewriteRule instead to take in account any subfolder via RewriteBase. Deny ss-cache and composer via RewriteRule too.

Move to RewriteRules
2014-02-18 22:37:49 +13:00
Simon Welsh
4fd75527dc Block access to .yaml files as well as .yml 2013-07-01 12:59:31 +12:00
Hamish Friedlander
becc5baa34 API Block all yaml files by default, to reduce the change of information leakage 2013-02-17 22:16:11 +01:00
Ingo Schommer
494bfc7863 Merge remote-tracking branch 'origin/2.4' into 3.0
Conflicts:
	build.xml
	composer.json
	install.php
	phpunit.xml.dist
2013-02-15 19:19:23 +01:00
Ingo Schommer
23523175f3 API Filter composer files in IIS and Apache rules (fixes #8011)
They can expose version information, so shouldn't be accessible
through the web. The better solution of course is to move
to a public/ subfolder application structure.
2013-02-15 19:13:41 +01:00
Sean Harvey
d74da7ba29 Fixing .htaccess to ignore rewriting PHP files directly 2012-12-04 14:34:54 +13:00
Sam Minnee
7898f89fb3 Reverted junk-commits from "Removed .mergesources.yml, not used since the dark SVN days"
This partially reverts commit 744605d21a.
2012-11-09 10:00:11 +13:00
Ingo Schommer
744605d21a Removed .mergesources.yml, not used since the dark SVN days 2012-11-08 14:03:39 +01:00
Simon Welsh
1a532faa60 API-CHANGE sapphire folder can now be renamed. 2012-04-14 12:53:12 +12:00
Hamish Friedlander
d5723f7b0e BUGFIX: If sapphire hasn't been installed as subdirectory, give error message rather than erroring out with a 500 or a php error 2011-10-29 15:53:41 +13:00
Ingo Schommer
e4031aa344 MINOR Using QSA RewriteRule flag in .htaccess instead of manually appending (fixes #6593, thanks smares) 2011-04-14 21:07:17 +12:00
sharvey
fba76de203 ENHANCEMENT Installer now has a fallback for mod_rewrite detection by setting an environment variable in .htaccess when "<IfModule mod_rewrite.c>" directive is satisfied
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@112973 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:56 +13:00
sharvey
a870ea1aa3 #5870 Block web requests to silverstripe-cache directory via htaccess RedirectMatch rule or web.config hiddenSegments functionality if using IIS 7.x
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@110241 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:54 +13:00
sharvey
f5245c7b0f ENHANCEMENT ErrorDocument in default .htaccess so Apache serves default 404 and 500 server error pages
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@108663 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:54 +13:00
phalkunz
e8db5c30c1 MINOR: revert -r102275
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@102276 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
phalkunz
a04df99154 MINOR: remove unnecessary expression
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@102275 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
sharvey
958d75869f MINOR Reverted r101354 and r101356 (see #3826)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101404 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:52 +13:00
sharvey
934fbf9a88 MINOR Added comment to empty .htaccess file
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101356 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:51 +13:00
sharvey
008267b299 BUGFIX #3826 Removed initial .htaccess contents to make installation of SS easier - the installer doesn't need any rewriting available initially
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@101354 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:51 +13:00
sharvey
ba357293b8 MINOR Reverted r98980
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98997 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:48 +13:00
trix
a4cf4672b4 MINOR fix typo
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98980 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:48 +13:00
sharvey
b27645b7ac MINOR Partially reverted r98887 re-adding the web.config permissions in .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98889 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
sharvey
2a47151ef5 MINOR Tabbing out of <Files> directive contents in .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98888 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
sharvey
fefd00cf1e BUGFIX If mod_rewrite isn't enabled on Apache, a 500 server error won't be generated which prevents the installer from opening and telling you there's no rewrite support
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@98887 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:47 +13:00
ischommer
17764cf273 ENHANCEMENT Removed extension specific RewriteCond from .htaccess, install.php and rewritetest.php to allow for broader range of dynamically handled extensions (e.g. generating GIF files through SilverStripe controllers). See #2958
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@97791 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:46 +13:00
sharvey
52891a4ecf ENHANCEMENT Easier installation for IIS based configurations by providing the web.config file out of the box, an inaccessible file on Apache based web servers
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@93255 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:45 +13:00
ischommer
0074be8942 Removed DirectorySlash update from installer's default htaccess as it breaks some installation targets (from r67085) (from r92231)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92272 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:44 +13:00
ischommer
9288a062e8 MINOR Reverted accidental commit from r92260
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92261 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:43 +13:00
ischommer
1d6f9318b7 MINOR Mergeinfo
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/branches/2.4@92260 467b73ca-7a2a-4603-9d3b-597d59a354a9
2011-02-02 18:56:43 +13:00
sharvey
945a28f33a MINOR Merged r112269 through r113912 from phpinstaller/branches/2.4
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@113914 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-11-18 05:08:12 +00:00
sminnee
5a20fbed64 #5870 Block web requests to silverstripe-cache directory via htaccess RedirectMatch rule or web.config hiddenSegments functionality if using IIS 7.x (from r110241)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112417 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 01:19:01 +00:00
sminnee
991ec354b1 ENHANCEMENT ErrorDocument in default .htaccess so Apache serves default 404 and 500 server error pages (from r108663)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112415 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-15 01:18:46 +00:00
sminnee
044b0f0f80 BUGFIX If mod_rewrite isn't enabled on Apache, a 500 server error won't be generated which prevents the installer from opening and telling you there's no rewrite support (from r98887)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112108 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:53:34 +00:00
sminnee
dd015ff76a ENHANCEMENT Removed extension specific RewriteCond from .htaccess, install.php and rewritetest.php to allow for broader range of dynamically handled extensions (e.g. generating GIF files through SilverStripe controllers). See #2958 (from r97791)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112091 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:32:36 +00:00
sminnee
eebff68f46 ENHANCEMENT Easier installation for IIS based configurations by providing the web.config file out of the box, an inaccessible file on Apache based web servers (from r93255)
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@112086 467b73ca-7a2a-4603-9d3b-597d59a354a9
2010-10-13 02:22:49 +00:00
ischommer
a0cedd3fb5 MINOR Partially reverted r92439, accidental commit to .htaccess
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92877 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 10:36:20 +00:00
ischommer
844acb217d MINOR: Updating mergeinfo to ignore mergebacks
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/phpinstaller/trunk@92439 467b73ca-7a2a-4603-9d3b-597d59a354a9
2009-11-21 00:42:47 +00:00