blob: 912b0e9d2ba084fc591f27b412560cac6f79d099 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
# The `resources` directory should not be made publicly accessible (i.e., in the public document directory) at all.
# But just in case you're an idiot, this should at least give you protection from exposing passwords and other sensitive info in your .env files.
<IfModule mod_rewrite.c>
RewriteEngine On
## Begin - Security
# Block all direct access to files and folders beginning with a dot
RewriteRule (^\.|/\.) - [F]
# Block access to specific files in the root folder
RewriteRule ^(LICENSE.txt|composer.lock|composer.json|\.htaccess|\.env)$ error [F]
## End - Security
</IfModule>
|
