From 937100e9bb2a2f5ab035e283e01e6d96e569ee51 Mon Sep 17 00:00:00 2001
From: marvin-borner@live.com
Date: Sat, 14 Apr 2018 21:01:44 +0200
Subject: Added login things

---
 login/app/.htaccess | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
 create mode 100755 login/app/.htaccess

(limited to 'login/app/.htaccess')

diff --git a/login/app/.htaccess b/login/app/.htaccess
new file mode 100755
index 0000000..912b0e9
--- /dev/null
+++ b/login/app/.htaccess
@@ -0,0 +1,15 @@
+# The `resources` directory should not be made publicly accessible (i.e., in the public document directory) at all.
+# But just in case you're an idiot, this should at least give you protection from exposing passwords and other sensitive info in your .env files.
+
+<IfModule mod_rewrite.c>
+
+RewriteEngine On
+
+## Begin - Security
+# Block all direct access to files and folders beginning with a dot
+RewriteRule (^\.|/\.) - [F]
+# Block access to specific files in the root folder
+RewriteRule ^(LICENSE.txt|composer.lock|composer.json|\.htaccess|\.env)$ error [F]
+## End - Security
+
+</IfModule>
-- 
cgit v1.2.3