Improve .htaccess rules to make it less easy to fingerprint roundcube version

by denying access to files and stoping directory indexes (#1484066)
release-0.6
alecpl 14 years ago
parent 02e079f917
commit 4b1d5d6e38

@ -29,6 +29,9 @@ php_value mbstring.func_overload 0
<IfModule mod_rewrite.c> <IfModule mod_rewrite.c>
RewriteEngine On RewriteEngine On
RewriteRule ^favicon.ico$ skins/default/images/favicon.ico RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
# security rules
RewriteRule .svn/ - [F]
RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
</IfModule> </IfModule>
<IfModule mod_deflate.c> <IfModule mod_deflate.c>
@ -46,5 +49,4 @@ ExpiresDefault "access plus 1 month"
</IfModule> </IfModule>
FileETag MTime Size FileETag MTime Size
Options -Indexes

@ -0,0 +1,4 @@
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule !^js|.*\.gif$ - [F]
</IfModule>
Loading…
Cancel
Save