Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- diff --git a/assets/.htaccess b/assets/.htaccess
- index ac6412a..ff02f99 100644
- --- a/assets/.htaccess
- +++ b/assets/.htaccess
- @@ -1,2 +1,29 @@
- -RemoveHandler .php .phtml .php3 .php4 .php5 .inc
- -RemoveType .php .phtml .php3 .php4 .php5 .inc
- +# We disable PHP via several methods
- +# Replace the handler with the default plaintext handler
- +AddHandler default-handler php phtml php3 php4 php5 inc
- +
- +# Whitelist appropriate assets files.
- +# Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
- +#
- +# To add an extension to the list, you need to put another string of the form "ext|" on the
- +# FilesMatch line, inside the parentheses.
- +#
- +# For example, to add *.exe files to list, change this line:
- +#
- +# <FilesMatch "\.(html|htm|xhtml...
- +#
- +# To this:
- +#
- +# <FilesMatch "\.(exe|html|htm|xhtml...
- +#
- +# Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
- +# directory.
- +#
- +Deny from all
- +<FilesMatch "\.(html|htm|xhtml|js|css|bmp|png|gif|jpg|jpeg|ico|pcx|tif|tiff|au|mid|midi|mpa|mp3|ogg|m4a|ra|wma|wav|cda|avi|mpg|mpeg|asf|wmv|m4v|mov|mkv|mp4|swf|flv|ram|rm|doc|docx|txt|rtf|xls|xlsx|pages|ppt|pptx|pps|csv|cab|arj|tar|zip|zipx|sit|sitx|gz|tgz|bz2|ace|arc|pkg|dmg|hqx|jar|xml|pdf)$">
- + Allow from all
- +</FilesMatch>
- +
- +# Turn the PHP engine off
- +php_flag engine off
- +
Add Comment
Please, Sign In to add comment