From f80f775dfbe12cf6b95bda38b73f5dc37327d7fa Mon Sep 17 00:00:00 2001 From: Adam Spragg Date: Thu, 26 Jul 2018 15:09:50 +0100 Subject: Change the "private file" prefix from "@" to "_" It has all the benefits previously mentioned in commit 2f547251, as well as mirroring the common programming convention of using a "_" prefix to identify private variables/functions Hides files beginning with _ from mod_autoindex listings As well as 404ing on files starting with "_", also 404 on files starting with ".", as these are also private. Except for /.well-known/, because that's... well known, and should be public.
---
 apache2.conf | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) (limited to 'apache2.conf')
diff --git a/apache2.conf b/apache2.conf
index a29a16d..030bac1 100644
--- a/apache2.conf
+++ b/apache2.conf
@@ -157,9 +157,14 @@ RewriteCond %{LA-U:REQUEST_FILENAME} !-d
 RewriteRule !\. - [H=application/x-httpd-php]
- # Disallow access to files/directories whose names begin with "@", returning a 404.
+ # Disallow access to files/directories whose names begin with "_" or "."
+ # (except for /.well-known/), returning a 404.
 # This makes those files appear to not exist.
- RewriteRule "/@" "-" [R=404,L]
+ RewriteCond "%{REQUEST_URI}" "!^/.well-known/"
+ RewriteRule "/[_.]" "-" [R=404,L]
+
+ # Do not list files beginning with an underscore in directory listings
+ IndexIgnore _??*
 AuthType Basic
-- cgit v1.2.1
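Review bot: The exemption pattern in the added `RewriteCond` leaves its dot unescaped, so `!^/.well-known/` also exempts any top-level directory named with one arbitrary character followed by `well-known`; `RewriteCond "%{REQUEST_URI}" "!^/\.well-known/"` limits it to the intended path. The exemption also covers everything beneath `/.well-known/`, so `_`- or `.`-prefixed names placed under it stay reachable, which deserves a word in the comment if that is intended. If these rules sit in a `<Directory>` or `.htaccess` context (the `AuthType` line that follows suggests so, but the enclosing section is outside the hunk), mod_rewrite strips the directory prefix before matching and `"/[_.]"` would not match a private name directly in that directory; `"(^|/)[_.]"` covers both cases. `IndexIgnore _??*` hides only names of three or more characters, so `_*` would match the 404 rule more closely.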