authoremkael <emkael@tlen.pl>2015-02-10 16:14:23 +0100
committeremkael <emkael@tlen.pl>2015-02-10 16:14:23 +0100
commita756a9525d25622ef5ef8cc909a5605a08b7a205 (patch)
treec1d969524dd0b2fad8d411bc0e8bfdf2925d57e7
parent0373303d7f3fd4a2be7aa89c6bb87da1004cec58 (diff)
* security hardening
-rw-r--r--http/foto/.htaccess7
-rw-r--r--http/pic/.htaccess14
2 files changed, 20 insertions, 1 deletions
diff --git a/http/foto/.htaccess b/http/foto/.htaccess
new file mode 100644
index 0000000..d2b2bb4
--- /dev/null
+++ b/http/foto/.htaccess
@@ -0,0 +1,7 @@
+<Files ~ "\.(?i:gif|jpe?g|png)$">
+ Order allow,deny
+ Allow from all
+</Files>
+
+Order deny,allow
+Deny from all
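Review bot: The deny-by-default here is written with the Apache 2.2 `Order`/`Allow`/`Deny` directives, which Apache 2.4 honours only when mod_access_compat is loaded and which can give unexpected results when mixed with `Require` rules from the main configuration; the http/pic/.htaccess hunk has the same issue. If the server is or will be on 2.4, the equivalent is `Require all denied` at directory level and `Require all granted` inside the `<Files>` block. The file is also ignored entirely when the vhost sets `AllowOverride None`, so a comment at the top naming the AllowOverride classes it depends on would help whoever deploys it. Separately, the pattern tests only the final extension, so if this directory receives uploaded files (not visible from the diff) a name carrying an earlier script extension could still be mapped to a handler by mod_mime; adding `SetHandler default-handler` and `Options -ExecCGI` would keep the directory static-only.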
diff --git a/http/pic/.htaccess b/http/pic/.htaccess
index 65ceb47..a92c220 100644
--- a/http/pic/.htaccess
+++ b/http/pic/.htaccess
@@ -6,4 +6,16 @@ RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
-RewriteRule .* fetch.py [QSA,L]
+RewriteRule \.(gif|jpe?g|png)$ fetch.py [QSA,L]
+
+<Files fetch.py>
+ Order allow,deny
+ Allow from all
+</Files>
+<Files ~ "\.(?i:gif|jpe?g|png)$">
+ Order allow,deny
+ Allow from all
+</Files>
+
+Order deny,allow
+Deny from all
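Review bot: The new `RewriteRule` matches extensions case-sensitively while the `<Files ~ "\.(?i:gif|jpe?g|png)$">` allowlist below it is case-insensitive, so a request for a missing file such as `NAME.JPG` (constructed example) passes the access check but is never handed to fetch.py. Adding the flag makes the two agree: `RewriteRule \.(gif|jpe?g|png)$ fetch.py [NC,QSA,L]`. The `<Files fetch.py>` block also leaves the script directly requestable with any query string, so the path and parameter validation inside fetch.py (not shown in this diff) remains the effective control and is worth a comment saying so. The hunk starts mid-file; the `RewriteEngine On` line and anything above it are outside the view.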