From e5e90b1faf6f448e1fae1c64e0d0f8da07060266 Mon Sep 17 00:00:00 2001 From: Romain Quetiez Date: Wed, 12 Aug 2015 14:25:32 +0000 Subject: [PATCH] Secure the server: prevent the users from browsing/getting files from the data and log directories. With Apache, it is still a must to enable htaccess with the spec "AllowOverride All". The index.php files are here to prevent from browsing whatever the HTTP server config. SVN:trunk[3675] --- data/.htaccess | 1 + data/index.php | 2 ++ data/web.config | 8 ++++++++ log/.htaccess | 1 + log/index.php | 2 ++ log/web.config | 8 ++++++++ 6 files changed, 22 insertions(+) create mode 100644 data/.htaccess create mode 100644 data/index.php create mode 100644 data/web.config create mode 100644 log/.htaccess create mode 100644 log/index.php create mode 100644 log/web.config diff --git a/data/.htaccess b/data/.htaccess new file mode 100644 index 000000000..14249c50b --- /dev/null +++ b/data/.htaccess @@ -0,0 +1 @@ +Deny from all \ No newline at end of file diff --git a/data/index.php b/data/index.php new file mode 100644 index 000000000..f4609aaef --- /dev/null +++ b/data/index.php @@ -0,0 +1,2 @@ + + + + + + + + \ No newline at end of file diff --git a/log/.htaccess b/log/.htaccess new file mode 100644 index 000000000..14249c50b --- /dev/null +++ b/log/.htaccess @@ -0,0 +1 @@ +Deny from all \ No newline at end of file diff --git a/log/index.php b/log/index.php new file mode 100644 index 000000000..f4609aaef --- /dev/null +++ b/log/index.php @@ -0,0 +1,2 @@ + + + + + + + + \ No newline at end of file