22 Jul
2014
22 Jul
'14
5:35 a.m.
Trying to understand the new "security" rules in .htaccess
- deny access to files not containing a dot or starting with a dot
# in all locations except installer directory
RewriteRule ^(?!installer)(.?[^.]+)$ - [F]
This doesn't quite make sense, we have a help/ directory, which is not accessible because of this rule yet all files in that directory are foo.img or index.php, bar.php
change to
RewriteRule ^(?!(installer|help))(.?[^.]+)$ - [F] permits our help/ directory to be read, this is sub optimum because it will be overwrite at next update again, does someone with good knowledge of rewrite rules able to shed some light on this?