Created
April 8, 2013 21:41
-
-
Save kevboutin/5340759 to your computer and use it in GitHub Desktop.
This is a default addition to httpd.conf via Include for security purposes.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ---------------------------------------------------------------------- | |
| # A little more security | |
| # ---------------------------------------------------------------------- | |
| # To avoid displaying the exact version number of Apache being used, add the | |
| # following to httpd.conf (it will not work in .htaccess): | |
| # ServerTokens Prod | |
| # "-Indexes" will have Apache block users from browsing folders without a | |
| # default document Usually you should leave this activated, because you | |
| # shouldn't allow everybody to surf through every folder on your server (which | |
| # includes rather private places like CMS system folders). | |
| <IfModule mod_autoindex.c> | |
| Options -Indexes | |
| </IfModule> | |
| # Block access to "hidden" directories or files whose names begin with a | |
| # period. This includes directories used by version control systems such as | |
| # Subversion or Git. | |
| <IfModule mod_rewrite.c> | |
| RewriteCond %{SCRIPT_FILENAME} -d [OR] | |
| RewriteCond %{SCRIPT_FILENAME} -f | |
| RewriteRule "(^|/)\." - [F] | |
| </IfModule> | |
| # Block access to backup and source files. These files may be left by some | |
| # text/html editors and pose a great security danger, when anyone can access | |
| # them. | |
| <FilesMatch "(\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$"> | |
| Order allow,deny | |
| Deny from all | |
| Satisfy All | |
| </FilesMatch> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment