Attempt to upgrade .htaccess without causing conflict with existing installations.

2024-09-19 15:55:13 +00:00 · 2023-05-20 09:03:11 +10:00 · 2023-05-20 09:03:11 +10:00 · 31c5405fa8
commit 31c5405fa8
parent fdb821a451
4 changed files with 47 additions and 5 deletions
--- a/.gitignore
+++ b/.gitignore
@ -22,6 +22,7 @@ Thumbs.db
 __pycache__

 ## Ignore site specific files and folders
+.htaccess
 .htconfig.php
 .htstartup.php
 .lando.local.yml
--- a/boot.php
+++ b/boot.php
@ -1,6 +1,7 @@
 <?php

 use Code\Lib\Libzot;
+use Code\Storage\Stdio;
 use Code\Web\Session;
 use Code\Web\HttpMeta;
 use Code\Render\SmartyTemplate;
@ -57,6 +58,7 @@ require_once('include/hubloc.php');
 require_once('include/attach.php');
 require_once('include/bbcode.php');
 require_once('include/items.php');
+require_once('include/dba/dba_driver.php');

 function sys_boot() {

@ -67,6 +69,10 @@ function sys_boot() {
        include('.htstartup.php');
    }

+    if(!file_exists('.htaccess')) {
+        Stdio::fcopy('htaccess.dist', '.htaccess');
+    }
+
    // our central App object
    App::init();

@ -89,7 +95,7 @@ function sys_boot() {
     * Try to open the database;
     */

-    require_once('include/dba/dba_driver.php');
+

    if (! App::$install) {
        DBA::dba_factory($db_host, $db_port, $db_user, $db_pass, $db_data, $db_type, App::$install);
--- a/htaccess.dist
+++ b/htaccess.dist
@ -0,0 +1,34 @@
+Options -Indexes
+AddType application/x-java-archive .jar
+AddType audio/ogg .oga
+#SSLCipherSuite HIGH:AES256-SHA:AES128-SHA:RC4:!aNULL:!eNULL:!EDH
+
+# don't allow any web access to logfiles, even after rotation/compression
+<FilesMatch "\.(out|log|gz)$">
+  <IfModule mod_authz_core.c>
+    Require all denied
+  </IfModule>
+  <IfModule !mod_authz_core.c>
+    Order deny,allow
+    Deny from all
+  </IfModule>
+</FilesMatch>
+
+<IfModule mod_rewrite.c>
+  RewriteEngine on
+  # Protect repository directory from browsing
+  RewriteRule "(^|/)\.git" - [F]
+  RewriteRule "(^|/)store" - [F]
+
+  # Rewrite current-style URLs of the form 'index.php?req=x'.
+  # Also place auth information into REMOTE_USER for sites running
+  # in CGI mode.
+
+  RewriteCond %{REQUEST_URI} ^/\.well\-known/.*
+  RewriteRule ^(.*)$ index.php?req=$1 [E=REMOTE_USER:%{HTTP:Authorization},L,QSA]
+
+  RewriteCond %{REQUEST_FILENAME} !-f
+  RewriteCond %{REQUEST_FILENAME} !-d
+  RewriteRule ^(.*)$ index.php?req=$1 "[E=REMOTE_USER:%{HTTP:Authorization},B= ?,L,QSA]"
+</IfModule>
+
--- a/install/INSTALL.txt
+++ b/install/INSTALL.txt
@ -81,10 +81,6 @@ web server platforms.

 2. Unpack the project files into the root of your web server document area.

-    If you copy the directory tree to your webserver, make sure that you
-    also copy .htaccess - as "dot" files are often hidden and aren't normally
-    copied.
-
    - If you are able to do so, we recommend using git to clone the source
    repository rather than to use a packaged tar or zip file.  This makes the
    software much easier to update. The Linux command to clone the repository
@ -102,6 +98,11 @@ web server platforms.
        git pull
        composer install --no-dev

+
+    - If using Apache as your webserver, copy the file "htaccess.dist" to ".htaccess".
+
+        cp htaccess.dist .htaccess
+        
    - make sure the folders "cache/smarty3" and "store" exist and are
    writable by the webserver.