From d5d9bdf7bfa3f11cc2edce3407adb0accfd8ef67 Mon Sep 17 00:00:00 2001 From: Oliver Davies Date: Fri, 30 Oct 2020 01:17:32 +0000 Subject: [PATCH] Re-add .htaccess to config directory --- config/.htaccess | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 config/.htaccess diff --git a/config/.htaccess b/config/.htaccess new file mode 100644 index 0000000..25776a3 --- /dev/null +++ b/config/.htaccess @@ -0,0 +1,24 @@ +# Deny all requests from Apache 2.4+. + + Require all denied + + +# Deny all requests from Apache 2.0-2.2. + + Deny from all + + +# Turn off all options we don't need. +Options -Indexes -ExecCGI -Includes -MultiViews + +# Set the catch-all handler to prevent scripts from being executed. +SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 + + # Override the handler again if we're run later in the evaluation list. + SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003 + + +# If we know how to do it safely, disable the PHP engine entirely. + + php_flag engine off + \ No newline at end of file