Apache protect more non-public folders and files (#6881)

* Apache protect more non-public folders * Also protect root * Do the same for /p/ * Simplify Require all denied In case of Apache 2.2, it will just make an error 500 instead of 403 * .htaccess.dist * Simplify * Better comment
author: Alexandre Alapetite <alexandre@alapetite.fr> 2024-10-11 09:25:43 +0200
committer: GitHub <noreply@github.com> 2024-10-11 09:25:43 +0200
commit: 91624037c7d73eb545478aab2f8abc55fc224453 (patch)
tree: c1de6a07d7e30c5e88c3de40fd152e5304722cca /cli
parent: b30a8fa652018025f8ccc6b361823486d04cf390 (diff)
2 files changed, 2 insertions, 22 deletions
diff --git a/cli/.htaccess b/cli/.htaccess
index 32eca30f7..b66e80882 100644
--- a/cli/.htaccess
+++ b/cli/.htaccess
@@ -1,11 +1 @@
-# Apache 2.2
-<IfModule !mod_authz_core.c>
-	Order	Allow,Deny
-	Deny	from all
-	Satisfy	all
-</IfModule>
-
-# Apache 2.4
-<IfModule mod_authz_core.c>
-	Require all denied
-</IfModule>
+Require all denied
diff --git a/cli/prepare.php b/cli/prepare.php
index 414b48cd8..0b9faf044 100755
--- a/cli/prepare.php
+++ b/cli/prepare.php
@@ -25,17 +25,7 @@ foreach ($dirs as $dir) {
 }
 
 file_put_contents(DATA_PATH . '/.htaccess', <<<'EOF'
-# Apache 2.2
-<IfModule !mod_authz_core.c>
-	Order	Allow,Deny
-	Deny	from all
-	Satisfy	all
-</IfModule>
-
-# Apache 2.4
-<IfModule mod_authz_core.c>
-	Require all denied
-</IfModule>
+Require all denied
 
 EOF
 );
author	Alexandre Alapetite <alexandre@alapetite.fr>	2024-10-11 09:25:43 +0200
committer	GitHub <noreply@github.com>	2024-10-11 09:25:43 +0200
commit	91624037c7d73eb545478aab2f8abc55fc224453 (patch)
tree	c1de6a07d7e30c5e88c3de40fd152e5304722cca /cli
parent	b30a8fa652018025f8ccc6b361823486d04cf390 (diff)