-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy path.htaccess
41 lines (31 loc) · 1.35 KB
/
.htaccess
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<IfModule mod_rewrite.c>
RewriteEngine On
AddDefaultCharset UTF-8
Options -Indexes
Options +SymLinksIfOwnerMatch
# Options +SymLinksifOwnerMatch
# RewriteBase /
# Redirecting HTTP to HTTPS
# RewriteCond %{SERVER_PORT} 80
# RewriteRule ^(.*)$ https://your-website.com/$1 [R,L]
# Allow harmless files
RewriteCond %{REQUEST_URI} !\.(?:css|js|map|jpe?g|gif|png|svg|webp)$
# Allow file upload handler
RewriteCond %{REQUEST_URI} !(^|/)imanager/upload/server/php($|/.*$)$
# Block some directories and files
RewriteCond %{REQUEST_URI} (^|/)(boot|imanager)(.php$) [NC,OR]
# Block access to certain native Scriptor files.
RewriteCond %{REQUEST_URI} (^|/)(.htaccess|data|imanager|modules|core|lang|_.*)($|/.*$) [NC,OR]
# Forbid access to all directories and files that start with a dot
RewriteCond %{REQUEST_URI} (^|/)\.[^/]*($|/.*$)
RewriteRule ^ - [F,L]
# Block access to .zip, .pdf, and .tar files under "/data/uploads/"
#RewriteCond %{REQUEST_URI} /data/uploads/.*\.(zip|pdf|tar)$ [NC]
#RewriteRule ^ - [F,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^editor/(.*)$ editor/index.php?id=$1 [L,QSA]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?id=$1 [L,QSA]
</IfModule>