From fb3249fa747b8128cd71b22db1b41ba5cf0b0739 Mon Sep 17 00:00:00 2001
From: Avior <florian.bouillon@delta-wings.net>
Date: Fri, 29 Mar 2019 00:08:22 +0100
Subject: [PATCH] Moved .htaccess & added rules. - deny all requests for server
 side only files - allow only the index.php in src/

---
 .htaccess     | 36 ++++++++++++++++++++++++++++++++++++
 src/.htaccess |  4 ----
 2 files changed, 36 insertions(+), 4 deletions(-)
 create mode 100644 .htaccess
 delete mode 100644 src/.htaccess

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..eadd3fa
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1,36 @@
+# Apache version required 2.x
+
+<IfModule mod_rewrite.c>
+	RewriteEngine On
+
+	RewriteCond %{REQUEST_FILENAME} !-f [OR]
+	RewriteCond %{REQUEST_FILENAME} -f
+
+	RewriteRule ^(.*)$ src/index.php [L]
+</IfModule>
+
+
+# RedirectMatch 403 ^/vendor/*$
+ErrorDocument 403 /src/index.php
+
+
+<FilesMatch ".*\.(php|html|twig|json)$">
+	<IfVersion < 2.4>
+		Order Allow,Deny
+		Deny from all
+	</IfVersion>
+	<IfVersion >= 2.4>
+		Require all denied
+	</IfVersion>
+</FilesMatch>
+
+# on donne l'autorisation d'acceder au fichier handler.php (sinon le site ne sera pas foncitonnel)
+<FilesMatch "^index.php">
+	<IfVersion < 2.4>
+		Order Allow,Deny
+		Allow from all
+	</IfVersion>
+	<IfVersion >= 2.4>
+		Require all granted
+	</IfVersion>
+</FilesMatch>
diff --git a/src/.htaccess b/src/.htaccess
deleted file mode 100644
index 7d55645..0000000
--- a/src/.htaccess
+++ /dev/null
@@ -1,4 +0,0 @@
-RewriteEngine on
-
-RewriteCond %{REQUEST_FILENAME} !-f
-RewriteRule ^(.*)$ ./index.php [L,QSA]