From a756a9525d25622ef5ef8cc909a5605a08b7a205 Mon Sep 17 00:00:00 2001
From: emkael <emkael@tlen.pl>
Date: Tue, 10 Feb 2015 16:14:23 +0100
Subject:  * security hardening

---
 http/foto/.htaccess |  7 +++++++
 http/pic/.htaccess  | 14 +++++++++++++-
 2 files changed, 20 insertions(+), 1 deletion(-)
 create mode 100644 http/foto/.htaccess

diff --git a/http/foto/.htaccess b/http/foto/.htaccess
new file mode 100644
index 0000000..d2b2bb4
--- /dev/null
+++ b/http/foto/.htaccess
@@ -0,0 +1,7 @@
+<Files ~ "\.(?i:gif|jpe?g|png)$">
+    Order allow,deny
+    Allow from all
+</Files>
+
+Order deny,allow
+Deny from all
diff --git a/http/pic/.htaccess b/http/pic/.htaccess
index 65ceb47..a92c220 100644
--- a/http/pic/.htaccess
+++ b/http/pic/.htaccess
@@ -6,4 +6,16 @@ RewriteEngine On
 
 RewriteCond %{SCRIPT_FILENAME} !-f
 RewriteCond %{SCRIPT_FILENAME} !-d
-RewriteRule .* fetch.py [QSA,L]
+RewriteRule \.(gif|jpe?g|png)$ fetch.py [QSA,L]
+
+<Files fetch.py>
+    Order allow,deny
+    Allow from all
+</Files>
+<Files ~ "\.(?i:gif|jpe?g|png)$">
+    Order allow,deny
+    Allow from all
+</Files>
+
+Order deny,allow
+Deny from all
-- 
cgit v1.2.3