- handleMediaList() now scans content/ recursively for all media files
- URLs use /-media/ prefix mapping directly to content/ (no special cases)
- index.php: added /-media/ route, kept /-assets/ for backward compat
- editor-toolbar.js: fixed editor.on('change') placement (was inside switchMode)
- content-edit.php and content-new.php: back-btn unsaved-changes detection
- Removed unused __editorCleanup global
80 lines
2.0 KiB
ApacheConf
80 lines
2.0 KiB
ApacheConf
# Security - Block access to sensitive files and directories
|
|
<Files ~ "^\.">
|
|
Order allow,deny
|
|
Deny from all
|
|
</Files>
|
|
|
|
<FilesMatch "\.(php|ini|log|conf|config)$">
|
|
Order allow,deny
|
|
Deny from all
|
|
</FilesMatch>
|
|
|
|
# Block access to core directories
|
|
<IfModule mod_authz_core.c>
|
|
<RequireAll>
|
|
Require all granted
|
|
<RequireNone>
|
|
Require all denied
|
|
</RequireNone>
|
|
</RequireAll>
|
|
</IfModule>
|
|
|
|
# Directory protection
|
|
<Directory ~ "^\.|/(config|templates|vendor|cache)/">
|
|
Order allow,deny
|
|
Deny from all
|
|
</Directory>
|
|
|
|
# URL Routing - Route all requests to index.php
|
|
<IfModule mod_rewrite.c>
|
|
RewriteEngine On
|
|
|
|
# Set base directory
|
|
RewriteBase /
|
|
|
|
# Block direct access to PHP files in content directory
|
|
RewriteRule ^content/.*\.php$ - [F,L]
|
|
|
|
# Route all non-file/non-directory requests to index.php
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^(.*)$ index.php [QSA,L]
|
|
|
|
# Allow access to assets
|
|
RewriteCond %{REQUEST_FILENAME} -f
|
|
RewriteRule ^assets/.*$ - [L]
|
|
|
|
# Allow access to content assets
|
|
RewriteRule ^content/assets/.*$ - [L]
|
|
|
|
# Serve files from content/-assets/ via index.php
|
|
RewriteRule ^-assets/.*$ index.php [L]
|
|
|
|
# Block direct access to all other content files
|
|
RewriteRule ^content/.*$ - [F,L]
|
|
</IfModule>
|
|
|
|
# Security headers
|
|
<IfModule mod_headers.c>
|
|
Header always set X-Content-Type-Options nosniff
|
|
Header always set X-Frame-Options DENY
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set Referrer-Policy "strict-origin-when-cross-origin"
|
|
</IfModule>
|
|
|
|
# PHP settings
|
|
<IfModule mod_php.c>
|
|
php_flag display_errors Off
|
|
php_flag log_errors On
|
|
php_value error_log /var/log/php_errors.log
|
|
php_value max_execution_time 30
|
|
php_value memory_limit 128M
|
|
php_value upload_max_filesize 10M
|
|
php_value post_max_size 10M
|
|
</IfModule>
|
|
|
|
# Default index file
|
|
DirectoryIndex index.php
|
|
|
|
# Error handling
|
|
ErrorDocument 404 /index.php |