Moved .htaccess & added rules.

- deny all requests for server side only files - allow only the index.php in src/
2025-04-22 10:52:11 +00:00 · 2019-03-29 00:08:22 +01:00 · 2019-03-29 00:08:22 +01:00 · fb3249fa74
commit fb3249fa74
parent 19ad5c54ee
2 changed files with 36 additions and 4 deletions
--- a/.htaccess
+++ b/.htaccess
@ -0,0 +1,36 @@
+# Apache version required 2.x
+
+<IfModule mod_rewrite.c>
+	RewriteEngine On
+
+	RewriteCond %{REQUEST_FILENAME} !-f [OR]
+	RewriteCond %{REQUEST_FILENAME} -f
+
+	RewriteRule ^(.*)$ src/index.php [L]
+</IfModule>
+
+
+# RedirectMatch 403 ^/vendor/*$
+ErrorDocument 403 /src/index.php
+
+
+<FilesMatch ".*\.(php|html|twig|json)$">
+	<IfVersion < 2.4>
+		Order Allow,Deny
+		Deny from all
+	</IfVersion>
+	<IfVersion >= 2.4>
+		Require all denied
+	</IfVersion>
+</FilesMatch>
+
+# on donne l'autorisation d'acceder au fichier handler.php (sinon le site ne sera pas foncitonnel)
+<FilesMatch "^index.php">
+	<IfVersion < 2.4>
+		Order Allow,Deny
+		Allow from all
+	</IfVersion>
+	<IfVersion >= 2.4>
+		Require all granted
+	</IfVersion>
+</FilesMatch>
--- a/src/.htaccess
+++ b/src/.htaccess
@ -1,4 +0,0 @@
-RewriteEngine on
-
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ ./index.php [L,QSA]