summaryrefslogtreecommitdiff
path: root/http/pic
diff options
context:
space:
mode:
authoremkael <emkael@tlen.pl>2015-02-10 16:14:23 +0100
committeremkael <emkael@tlen.pl>2015-02-10 16:14:23 +0100
commita756a9525d25622ef5ef8cc909a5605a08b7a205 (patch)
treec1d969524dd0b2fad8d411bc0e8bfdf2925d57e7 /http/pic
parent0373303d7f3fd4a2be7aa89c6bb87da1004cec58 (diff)
* security hardening
Diffstat (limited to 'http/pic')
-rw-r--r--http/pic/.htaccess14
1 files changed, 13 insertions, 1 deletions
diff --git a/http/pic/.htaccess b/http/pic/.htaccess
index 65ceb47..a92c220 100644
--- a/http/pic/.htaccess
+++ b/http/pic/.htaccess
@@ -6,4 +6,16 @@ RewriteEngine On
RewriteCond %{SCRIPT_FILENAME} !-f
RewriteCond %{SCRIPT_FILENAME} !-d
-RewriteRule .* fetch.py [QSA,L]
+RewriteRule \.(gif|jpe?g|png)$ fetch.py [QSA,L]
+
+<Files fetch.py>
+ Order allow,deny
+ Allow from all
+</Files>
+<Files ~ "\.(?i:gif|jpe?g|png)$">
+ Order allow,deny
+ Allow from all
+</Files>
+
+Order deny,allow
+Deny from all