CodePress/public/.htaccess
Edwin Noorlander 2e5672ee60 Add secure public directory structure with .htaccess
- Created public/ directory for web-accessible files
- Moved content and assets to public/ subdirectories
- Added .htaccess files for security and routing
- Updated config.php to use public/content path
- Blocked direct access to PHP files and sensitive directories
- Added URL routing to index.php
- Enhanced security headers and PHP settings
2025-11-19 14:00:03 +01:00


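# Security - deny direct requests for dotfiles and for source/config/log files.
# index.php is exempted at the end of each branch: the rewrite rules and
# DirectoryIndex in this file both hand requests to it, and an unconditional
# "\.php$" deny would answer every routed request with 403.
<IfModule mod_authz_core.c>
    # Apache 2.4+: native authorization, no dependency on mod_access_compat.
    <FilesMatch "^\.">
        Require all denied
    </FilesMatch>
    <FilesMatch "\.(php|ini|log|conf|config)$">
        Require all denied
    </FilesMatch>
    # Sections are merged in order, so this exemption must stay after the
    # deny above. <Files> matches on the file name only, so an index.php in a
    # subdirectory is exempted as well.
    # NOTE(review): content/ is covered by the mod_rewrite rule in this file;
    # confirm the other subdirectories carry their own deny rules.
    <Files "index.php">
        Require all granted
    </Files>
</IfModule>
<IfModule !mod_authz_core.c>
    # Apache 2.2 fallback using the legacy Order/Deny syntax.
    <FilesMatch "^\.">
        Order allow,deny
        Deny from all
    </FilesMatch>
    <FilesMatch "\.(php|ini|log|conf|config)$">
        Order allow,deny
        Deny from all
    </FilesMatch>
    <Files "index.php">
        Order allow,deny
        Allow from all
    </Files>
</IfModule>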
# Access baseline (Apache 2.4+ only)
# This grants access to the directory; it does not block any directory.
# A <RequireNone> wrapped around "Require all denied" can never fail, so a
# <RequireAll> holding that plus "Require all granted" reduces to the single
# directive below.
# With the default AuthMerging setting, a Require given here replaces any
# authorization rules inherited from the parent configuration.
<IfModule mod_authz_core.c>
    Require all granted
</IfModule>
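# Directory protection
# <Directory> sections are only valid in the server or virtual-host
# configuration. Inside .htaccess Apache rejects the whole file and answers
# every request with 500, so the same paths are matched on the URL instead
# (mod_alias). A status outside the 3xx range takes no target URL.
# Denies hidden paths such as /.git/ and the named application directories.
# NOTE(review): this also covers /.well-known/; exempt it if the site relies
# on it (for example for ACME HTTP validation).
RedirectMatch 403 "/\.|/(config|templates|vendor|cache)/"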
# URL Routing - Route all requests to index.php
# Front-controller routing. Everything in this section is skipped when
# mod_rewrite is not loaded, including the content/*.php block below.
<IfModule mod_rewrite.c>
RewriteEngine On
# Set base directory
# Substitutions are resolved relative to the site root.
# NOTE(review): presumably this directory is the document root - confirm.
RewriteBase /
# Block direct access to PHP files in content directory
# [F] answers 403. The pattern is case-sensitive and only matches paths that
# end in ".php"; other extensions are not covered by this rule.
RewriteRule ^content/.*\.php$ - [F,L]
# Route all non-file/non-directory requests to index.php
# QSA keeps the original query string; L stops rule processing for this pass.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php [QSA,L]
# Allow access to assets
# Pass-through ("-") for existing files. The catch-all above already skips
# existing files (its !-f condition fails), so this rule does not change the
# outcome; it grants nothing beyond what the access rules allow.
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule ^assets/.*$ - [L]
# Allow access to content files (except PHP)
# Same pass-through for existing non-PHP files under content/.
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !\.php$
RewriteRule ^content/.*$ - [L]
</IfModule>
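# Security headers
# Skipped entirely when mod_headers is not loaded.
<IfModule mod_headers.c>
    # "always" attaches the headers to error responses as well.
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "DENY"
    # The legacy XSS auditor has been removed from current browsers, and in
    # older ones "1; mode=block" could itself be abused. Current guidance is
    # to switch it off explicitly and rely on a Content-Security-Policy.
    Header always set X-XSS-Protection "0"
    Header always set Referrer-Policy "strict-origin-when-cross-origin"
    # NOTE(review): no Content-Security-Policy or Strict-Transport-Security
    # header is set here; confirm they are sent elsewhere.
</IfModule>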
# PHP runtime settings
# Applied only when PHP runs as the Apache module identified as mod_php.c.
# NOTE(review): the PHP 7 module identifies itself as mod_php7.c, and PHP-FPM
# ignores php_flag/php_value altogether; in both cases every setting below is
# silently skipped. Confirm the values are also set in php.ini or the pool
# configuration.
<IfModule mod_php.c>
    # Keep error details out of responses; write them to the log instead.
    php_flag display_errors Off
    php_flag log_errors On
    # NOTE(review): the web server user must be able to write to this path.
    php_value error_log /var/log/php_errors.log

    # Resource limits per request.
    php_value max_execution_time 30
    php_value memory_limit 128M

    # Upload limits: the per-file cap and the whole-request-body cap.
    php_value upload_max_filesize 10M
    php_value post_max_size 10M
</IfModule>
# Default index file
# Requests for a directory are served by the front controller.
DirectoryIndex index.php
# Error handling
# Not-found responses are rendered by index.php. A local URL-path here is
# served through an internal redirect, not an external one.
ErrorDocument 404 /index.php