lekoala/silverstripe-devtoolkit/master/ressources/.htaccess - Htaccess File

lekoala/silverstripe-devtoolkit/master/ressources/.htaccess

### SILVERSTRIPE START ###

# Deny access to templates (but allow from localhost)
<Files *.ss>
  Order deny,allow
  Deny from all
  Allow from 127.0.0.1
</Files>

# Deny access to IIS configuration
<Files web.config>
  Order deny,allow
  Deny from all
</Files>

# Deny access to YAML configuration files which might include sensitive information
<Files ~ ".ya?ml$">
  Order allow,deny
  Deny from all
</Files>

# Deny access to log files
<Files *.log>
  Order deny,allow
  Deny from all
</Files>

# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html

<IfModule mod_rewrite.c>

  # Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
  <IfModule mod_dir.c>
    DirectoryIndex disabled
  </IfModule>

  SetEnv HTTP_MOD_REWRITE On
  RewriteEngine On
  # Sometimes you need a rewrite base according to your server configuration
  RewriteBase '/'

  # Private assets rules
  RewriteCond %{REQUEST_URI} /assets/private [NC,OR]
  RewriteCond %{REQUEST_URI} /assets/owner [NC]
  RewriteCond %{REQUEST_FILENAME} .(pdf|zip|rar|7z|doc|docx|xls|xlsx|ppt|pptx)$ [NC]
  RewriteRule .* devtoolkitassets?file=%{REQUEST_FILENAME}&%{QUERY_STRING} [L,NC]

  # Fix index.php access
  RewriteRule ^index.php/(.*)$ /$1 [R=301,L]
  RewriteRule index.php / [R=301,L]

  # Enable HTTP Basic authentication workaround for PHP running in CGI mode
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

  # Deny access to potentially sensitive files and folders
  RewriteRule ^vendor(/|$) - [F,L,NC]
  RewriteRule silverstripe-cache(/|$) - [F,L,NC]
  RewriteRule composer.(json|lock) - [F,L,NC]

  # Process through SilverStripe if no file with the requested name exists.
  # Pass through the original path as a query parameter, and retain the existing parameters.
  RewriteCond %{REQUEST_URI} ^(.*)$
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule .* framework/main.php?url=%1 [QSA]

  # If framework isn't in a subdirectory, rewrite to installer
  RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule . %1/install.php? [R,L]

</IfModule>
### SILVERSTRIPE END ###

On Github License

Files

Download PDF of Htaccess file
QUERY_STRING, REQUEST_FILENAME, REQUEST_URI, static

Comments

Apache