Prevents Apache from serving CLI scripts

2024-11-09 16:22:56 +00:00 · 2020-09-07 05:43:20 -04:00 · 2020-09-07 05:43:20 -04:00 · 3bd8b81154
commit 3bd8b81154
parent b530ef709d
3 changed files with 15 additions and 2 deletions
--- a/.gitignore
+++ b/.gitignore
@ -71,8 +71,8 @@ venv/
 /addons
 /addon

-#ignore .htaccess
-.htaccess
+#ignore base .htaccess
+/.htaccess

 #ignore filesystem storage default path
 /storage
--- a/.htaccess-dist
+++ b/.htaccess-dist
@ -1,3 +1,6 @@
+# This file is meant to be copied to ".htaccess" on Apache-powered web servers.
+# The created .htaccess file can be edited manually and will not be overwritten by Friendica updates.
+
 Options -Indexes
 AddType application/x-java-archive .jar
 AddType audio/ogg .oga
--- a/bin/.htaccess
+++ b/bin/.htaccess
@ -0,0 +1,10 @@
+# This file prevents browser access to Friendica command-line scripts on Apache-powered web servers.
+# It isn't meant to be edited manually, please check the base Friendica folder for the .htaccess-dist file instead.
+
+<IfModule authz_host_module>
+    Require all denied
+</IfModule>
+<IfModule !authz_host_module>
+    Order Allow,Deny
+    Deny from all
+</IfModule>