- adjusted for rpm.org, partial PLD merge

[packages/apache.git] / apache-common.conf

diff --git a/apache-common.conf b/apache-common.conf
index 8643668fb619b8f4be48370700fdfde7c44569d0..085c5e7ef242e475e2b4aa970cbc154e200d5737 100644 (file)
--- a/apache-common.conf
+++ b/apache-common.conf
@@ -18,8 +18,38 @@ DocumentRoot "/home/services/httpd/html"
        <IfModule mod_authz_host.c>
                Require all denied
        </IfModule>
+       <IfModule mod_access_compat.c>
+               Order deny,allow
+               Deny from all
+       </IfModule>
 </Directory>
 
+# Prevent access to:
+# - .htaccess and .htpasswd files
+# - backup files from being viewed
+# - PHP's .user.ini
+<FilesMatch  "^(\.ht.*|\.user\.ini|.*~|.*,v)$">
+       <IfModule mod_authz_host.c>
+               Require all denied
+       </IfModule>
+       <IfModule mod_access_compat.c>
+               Order deny,allow
+               Deny from all
+       </IfModule>
+</FilesMatch>
+
+# Prevent access to:
+# - version control directories
+<DirectoryMatch "/(\.(svn|git|hg|bzr)|CVS)/?">
+       <IfModule mod_authz_host.c>
+               Require all denied
+       </IfModule>
+       <IfModule mod_access_compat.c>
+               Order deny,allow
+               Deny from all
+       </IfModule>
+</DirectoryMatch>
+
 #
 # This should be changed to whatever you set DocumentRoot to.
 #
@@ -51,5 +81,9 @@ DocumentRoot "/home/services/httpd/html"
        <IfModule mod_authz_host.c>
                Require all granted
        </IfModule>
+       <IfModule mod_access_compat.c>
+               Order allow,deny
+               Allow from all
+       </IfModule>
 
 </Directory>