diff options
| -rw-r--r-- | .htaccess.dist | 5 | ||||
| -rw-r--r-- | media/.htaccess | 11 |
2 files changed, 6 insertions, 10 deletions
diff --git a/.htaccess.dist b/.htaccess.dist index 4cd3384df..c77ee05f0 100644 --- a/.htaccess.dist +++ b/.htaccess.dist @@ -1,7 +1,10 @@ ## Enable this to restrict editing to logged in users only +#disable indexes +Options -Indexes + ## make sure nobody gets the htaccess files -<Files ~ "^\.ht"> +<Files ~ "^[\._]ht"> Order allow,deny Deny from all Satisfy All diff --git a/media/.htaccess b/media/.htaccess index ebf9a69e8..9c96d3742 100644 --- a/media/.htaccess +++ b/media/.htaccess @@ -1,9 +1,2 @@ -## The following directives should enhance security in the media -## directory. However they are reported to make some trouble with -## Apache2 and/or when PHP is used as CGI. -## They are not really needed anymore as the upload mechanism -## now is controlled through $conf['uploadtypes'] - but you may want -## to try if they work for you. Some more security is always nice :-) - -# php_value engine off -# AddType text/plain .php .phtml .php3 .html .htm .shtml +order allow,deny
+deny from all
|