46 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			ApacheConf
		
	
	
	
	
	
			
		
		
	
	
			46 lines
		
	
	
		
			1.4 KiB
		
	
	
	
		
			ApacheConf
		
	
	
	
	
	
| # Prevent Directory Listing
 | |
| <IfModule autoindex>
 | |
| 	IndexIgnore *
 | |
| </IfModule>
 | |
| 
 | |
| <IfModule mod_rewrite.c>
 | |
|     # Prevent Directory Listing
 | |
|     <IfModule mod_negotiation.c>
 | |
|         Options -MultiViews -Indexes
 | |
|     </IfModule>
 | |
| 
 | |
|     RewriteEngine On
 | |
| 
 | |
|     # Prevent Direct Access to Protected Files
 | |
|     <FilesMatch "(?i)(^artisan$|\.env|\.log)">
 | |
|         # Apache 2.2 syntax
 | |
|         <IfModule !mod_authz_core.c>
 | |
|             Order deny,allow
 | |
|             Deny from all
 | |
|         </IfModule>
 | |
|         # Apache 2.4 syntax
 | |
|         <IfModule mod_authz_core.c>
 | |
|             Require all denied
 | |
|         </IfModule>
 | |
|     </FilesMatch>
 | |
| 
 | |
|     # Prevent Direct Access To Protected Folders
 | |
|     RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301]
 | |
| 
 | |
|     # Prevent Direct Access To modules/vendor Folders Except Assets
 | |
|     RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]
 | |
| 
 | |
|     # Redirect Trailing Slashes If Not A Folder...
 | |
|     RewriteCond %{REQUEST_FILENAME} !-d
 | |
|     RewriteRule ^(.*)/$ /$1 [L,R=301]
 | |
| 
 | |
|     # Send Requests To Front Controller...
 | |
|     RewriteCond %{REQUEST_FILENAME} !-d
 | |
|     RewriteCond %{REQUEST_FILENAME} !-f
 | |
|     RewriteRule ^ index.php [L]
 | |
| 
 | |
|     # Handle Authorization Header
 | |
|     RewriteCond %{HTTP:Authorization} .
 | |
|     RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
 | |
| </IfModule>
 |