matt-bailey/.htaccess

## .htaccess
#
# Whitelist appropriate assets files.
# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
#
# If you are not using Apache then you can ignore this file.
# If you are using IIS then you should look at assets/web.config instead.
#
# To add an extension to the list, you need to put another string of the form "ext|" on the
# FilesMatch line, inside the parentheses.
#
# For example, to add *.exe files to list of downloadable assets, change this line:
#
#   <FilesMatch "\.(html|htm|xhtml...
#
# To this:
#
#   <FilesMatch "\.(exe|html|htm|xhtml...
#
# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
# directory.
#
# For compatibility reasons, we include uppercase versions of allowed extensions, as Apache 1.3
# does not support regular expression case insensitive matches using PCRE style.
#
Deny from all
<FilesMatch "\.(?i:html|htm|xhtml|js|css|bmp|png|gif|jpg|jpeg|ico|pcx|tif|tiff|au|mid|midi|mpa|mp3|ogg|m4a|ra|wma|wav|cda|avi|mpg|mpeg|asf|wmv|m4v|mov|mkv|mp4|ogv|webm|swf|flv|ram|rm|doc|docx|txt|rtf|xls|xlsx|pages|ppt|pptx|pps|csv|cab|arj|tar|zip|zipx|sit|sitx|gz|tgz|bz2|ace|arc|pkg|dmg|hqx|jar|xml|pdf|gpx|kml)$">
	Allow from all
</FilesMatch>

# We disable PHP via several methods
# Replace the handler with the default plaintext handler
AddHandler default-handler php phtml php3 php4 php5 inc

<IfModule mod_php5.c>
	# Turn the PHP engine off
	php_flag engine off
</IfModule>
	#
	# Whitelist appropriate assets files.
	# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
	#
	# If you are not using Apache then you can ignore this file.
	# If you are using IIS then you should look at assets/web.config instead.
	#
	# To add an extension to the list, you need to put another string of the form "ext\|" on the
	# FilesMatch line, inside the parentheses.
	#
	# For example, to add *.exe files to list of downloadable assets, change this line:
	#
	# <FilesMatch "\.(html\|htm\|xhtml...
	#
	# To this:
	#
	# <FilesMatch "\.(exe\|html\|htm\|xhtml...
	#
	# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
	# directory.
	#
	# For compatibility reasons, we include uppercase versions of allowed extensions, as Apache 1.3
	# does not support regular expression case insensitive matches using PCRE style.
	#
	Deny from all
	<FilesMatch "\.(?i:html\|htm\|xhtml\|js\|css\|bmp\|png\|gif\|jpg\|jpeg\|ico\|pcx\|tif\|tiff\|au\|mid\|midi\|mpa\|mp3\|ogg\|m4a\|ra\|wma\|wav\|cda\|avi\|mpg\|mpeg\|asf\|wmv\|m4v\|mov\|mkv\|mp4\|ogv\|webm\|swf\|flv\|ram\|rm\|doc\|docx\|txt\|rtf\|xls\|xlsx\|pages\|ppt\|pptx\|pps\|csv\|cab\|arj\|tar\|zip\|zipx\|sit\|sitx\|gz\|tgz\|bz2\|ace\|arc\|pkg\|dmg\|hqx\|jar\|xml\|pdf\|gpx\|kml)$">
	Allow from all
	</FilesMatch>

	# We disable PHP via several methods
	# Replace the handler with the default plaintext handler
	AddHandler default-handler php phtml php3 php4 php5 inc

	<IfModule mod_php5.c>
	# Turn the PHP engine off
	php_flag engine off
	</IfModule>