-
Notifications
You must be signed in to change notification settings - Fork 5
Expand file tree
/
Copy path.htaccess
More file actions
28 lines (23 loc) · 882 Bytes
/
.htaccess
File metadata and controls
28 lines (23 loc) · 882 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
RewriteEngine On
# Block access to sensitive files at root level
<FilesMatch "^(\.env|\.env\..+|\.git.*|\.installed|composer\.(json|lock)|package(-lock)?\.json|CLAUDE\.md)$">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</FilesMatch>
# Prevent directory browsing
Options -Indexes
# Exclude installer and scripts from rewrite (allow direct access)
RewriteCond %{REQUEST_URI} (^|/)installer(/|$) [NC,OR]
RewriteCond %{REQUEST_URI} (^|/)scripts/manual-upgrade\.php$ [NC]
RewriteRule ^ - [L]
# Allow direct access to calendar files (.ics) for subscription URLs
RewriteCond %{REQUEST_URI} ^/storage/calendar/.*\.ics$ [NC]
RewriteRule ^ - [L]
# Redirect everything else to /public/
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(.*)$ public/$1 [L,QSA]