waqas
/
Akaunting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

eat: add OpenLiteSpeed rewrite rule for protected files 

- Added a rewrite rule to block direct access to sensitive files (.env, .log, artisan)
  for OpenLiteSpeed environments.
- Retained the existing <FilesMatch> block for Apache compatibility.
- Ensures that both Apache and OpenLiteSpeed users have proper protection for protected files.
This commit is contained in:
Kasper Nowak 2025-02-05 18:40:26 +01:00 committed by GitHub
parent fa83ee7bc3
commit 8ca80ba745
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.htaccess
View File

@ -24,6 +24,10 @@
</IfModule> </IfModule>
</FilesMatch> </FilesMatch>
# Prevent Direct Access to Protected Files (OpenLiteSpeed syntax)
RewriteCond %{REQUEST_URI} (^|/)(\.env|\.log|artisan)$ [NC]
RewriteRule .* - [F,L]
# Prevent Direct Access To Protected Folders # Prevent Direct Access To Protected Folders
RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301] RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301]