protect symfony resource files

2024-09-16 19:35:13 +00:00 · 2024-05-13 07:08:35 +10:00 · 2024-05-13 07:08:35 +10:00 · d57f9a3630
commit d57f9a3630
parent 2118b2aeaf
2 changed files with 2 additions and 1 deletions
--- a/.gitignore
+++ b/.gitignore
@ -22,6 +22,7 @@ Thumbs.db
 __pycache__

 ## Ignore site specific files and folders
+.env*
 .htaccess
 .htconfig.php
 .htstartup.php
--- a/htaccess.dist
+++ b/htaccess.dist
@ -3,7 +3,7 @@ AddType audio/ogg .oga
 CGIPassAuth On

 # don't allow any web access to logfiles, even after rotation/compression
-<FilesMatch "\.(out|log|gz)$">
+<FilesMatch "\.(out|log|gz|env)$">
  <IfModule mod_authz_core.c>
    Require all denied
  </IfModule>