From 91624037c7d73eb545478aab2f8abc55fc224453 Mon Sep 17 00:00:00 2001
From: Alexandre Alapetite <alexandre@alapetite.fr>
Date: Fri, 11 Oct 2024 09:25:43 +0200
Subject: Apache protect more non-public folders and files (#6881)

* Apache protect more non-public folders

* Also protect root

* Do the same for /p/

* Simplify Require all denied
In case of Apache 2.2, it will just make an error 500 instead of 403

* .htaccess.dist

* Simplify

* Better comment
---
 lib/.htaccess  | 12 +-----------
 lib/index.html | 13 +++++++++++++
 2 files changed, 14 insertions(+), 11 deletions(-)
 create mode 100644 lib/index.html

(limited to 'lib')

diff --git a/lib/.htaccess b/lib/.htaccess
index 32eca30f7..b66e80882 100644
--- a/lib/.htaccess
+++ b/lib/.htaccess
@@ -1,11 +1 @@
-# Apache 2.2
-<IfModule !mod_authz_core.c>
-	Order	Allow,Deny
-	Deny	from all
-	Satisfy	all
-</IfModule>
-
-# Apache 2.4
-<IfModule mod_authz_core.c>
-	Require all denied
-</IfModule>
+Require all denied
diff --git a/lib/index.html b/lib/index.html
new file mode 100644
index 000000000..85faaa37e
--- /dev/null
+++ b/lib/index.html
@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-GB" lang="en-GB">
+<head>
+<meta charset="UTF-8" />
+<meta http-equiv="Refresh" content="0; url=/" />
+<title>Redirection</title>
+<meta name="robots" content="noindex" />
+</head>
+
+<body>
+<p><a href="/">Redirection</a></p>
+</body>
+</html>
-- 
cgit v1.2.3