Secure the server: prevent the users from browsing/getting files from the data and log directories. With Apache, it is still a must to enable htaccess with the spec "AllowOverride All". The index.php files are here to prevent from browsing whatever the HTTP server config.

SVN:trunk[3675]
2026-02-12 23:14:18 +01:00 · 2015-08-12 14:25:32 +00:00
parent 1a970d1372
commit e5e90b1faf
6 changed files with 22 additions and 0 deletions
--- a/data/web.config
+++ b/data/web.config
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="utf-8" ?>
+<configuration>
+  <system.web>
+          <authorization>
+                  <deny users="*" /> <!-- Denies all users -->
+          </authorization>
+  </system.web>
+</configuration>