Last active
May 2, 2020 16:44
-
-
Save hansspiess/a6f1dce1f4a0f0e79826df641c53a49e to your computer and use it in GitHub Desktop.
Create .htaccess files for standard joomla install to secure folders
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Inside the root directory of the Joomla 3 instance, run these commands to add .htaccess files | |
| # to joomla directories (except ./administrator) that prevent direct access to them. | |
| # Also see https://www.joomla-security.de/dateien-verzeichnisse/htaccess-einstellungen.html | |
| # Generally block access from outside | |
| echo "<Files "*.*"> | |
| Deny from all | |
| </Files>" > ./bin/.htaccess; cp -i ./bin/.htaccess ./cache/.htaccess; cp -i ./bin/.htaccess ./cli/.htaccess; cp -i ./bin/.htaccess ./includes/.htaccess; cp -i ./bin/.htaccess ./language/.htaccess; cp -i ./bin/.htaccess ./layouts/.htaccess; cp -i ./bin/.htaccess ./libraries/.htaccess; cp -i ./bin/.htaccess ./logs/.htaccess; cp -i ./bin/.htaccess ./tmp/.htaccess | |
| # Block all except media files: First, create .htaccess file with | |
| <Files "*.*"> | |
| Deny from all | |
| </Files> | |
| <FilesMatch "\.(js|css|png|jpg|jpeg|gif|ico|flv|swf|woff|woff2|eot|ttf|pdf|webp)$"> | |
| Allow from all | |
| </FilesMatch> | |
| # in ./components/.htaccess | |
| # Then, run | |
| cp -i ./components/.htaccess ./images/.htaccess; cp -i ./components/.htaccess ./media/.htaccess; cp -i ./components/.htaccess ./modules/.htaccess; cp -i ./components/.htaccess ./plugins/.htaccess; cp -i ./components/.htaccess ./templates/.htaccess |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment