mirror of
https://github.com/FreshRSS/FreshRSS.git
synced 2025-12-23 21:47:44 -05:00
e24d9f39fb
* Fix .htaccess.dist for access to /scripts/vendor/ fix https://github.com/FreshRSS/FreshRSS/issues/7596 * Exclude extensions folder, which may be mounted as volume without .htaccess
13 lines
526 B
Plaintext
13 lines
526 B
Plaintext
# Copy this file to `.htaccess` for additional root-level protection
|
|
# if you cannot set Apache `DocumentRoot` to `./p/` as recommended.
|
|
|
|
# Deny files starting with a dot or without extension or with specific extensions
|
|
<FilesMatch "^\.|^[^.]+$|\.(config\.js|gz|md|neon|sqlite|xml|ya?ml|zip)$">
|
|
Require all denied
|
|
</FilesMatch>
|
|
|
|
# Deny some sub-folders, which may not be excluded by their own .htaccess
|
|
<If "%{REQUEST_URI} =~ m#(?<!/p/scripts)/(bin|data|extensions|node_modules|vendor|\..+)(/|$)#">
|
|
Require all denied
|
|
</If>
|