authormarvin-borner@live.com2018-04-14 21:01:44 +0200
committermarvin-borner@live.com2018-04-14 21:01:44 +0200
commit937100e9bb2a2f5ab035e283e01e6d96e569ee51 (patch)
tree48256c7d39bcc00030027ddbe4b0b69c059b1e0e /login/app/.htaccess
parent7ac4371989ac19ebbb753402319882c9c49d32dd (diff)
Added login things
Diffstat (limited to 'login/app/.htaccess')
-rwxr-xr-xlogin/app/.htaccess15
1 files changed, 15 insertions, 0 deletions
diff --git a/login/app/.htaccess b/login/app/.htaccess
new file mode 100755
index 0000000..912b0e9
--- /dev/null
+++ b/login/app/.htaccess
@@ -0,0 +1,15 @@
+# The `resources` directory should not be made publicly accessible (i.e., in the public document directory) at all.
+# But just in case you're an idiot, this should at least give you protection from exposing passwords and other sensitive info in your .env files.
+
+<IfModule mod_rewrite.c>
+
+RewriteEngine On
+
+## Begin - Security
+# Block all direct access to files and folders beginning with a dot
+RewriteRule (^\.|/\.) - [F]
+# Block access to specific files in the root folder
+RewriteRule ^(LICENSE.txt|composer.lock|composer.json|\.htaccess|\.env)$ error [F]
+## End - Security
+
+</IfModule>
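Review bot: Both deny rules live only inside `<IfModule mod_rewrite.c>`, so when mod_rewrite is not loaded they are skipped silently and `.env`, `composer.json` and the other listed files are served as ordinary static files. The same happens if the server's `AllowOverride` setting ignores this file, so the header comment's advice to keep the directory out of the document root remains the real control. I would add a fallback outside the `<IfModule>` that does not depend on mod_rewrite, for example a `<FilesMatch "^\.">` block containing `Require all denied` (Apache 2.4 syntax; 2.2 would need the older `Deny from all` form). Separately, the dots in `LICENSE.txt|composer.lock|composer.json` are unescaped and match any character; `LICENSE\.txt|composer\.lock|composer\.json` states the intent exactly. The header comment also refers to a `resources` directory while this file is added under `login/app`, so it looks copied from elsewhere and should name the directory it actually protects.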