Options FollowSymLinks
AllowOverride None
<IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
+# Prevent access to:
+# - .htaccess and .htpasswd files
+# - backup files from being viewed
+# - PHP's .user.ini
+<FilesMatch "^(\.ht.*|\.user\.ini|.*~|.*,v)$">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</FilesMatch>
+
+# Prevent access to:
+# - version control directories
+<DirectoryMatch "/(\.(svn|git|hg|bzr)|CVS)/?">
+ <IfModule mod_authz_host.c>
+ Require all denied
+ </IfModule>
+ <IfModule mod_access_compat.c>
+ Order deny,allow
+ Deny from all
+ </IfModule>
+</DirectoryMatch>
+
#
# This should be changed to whatever you set DocumentRoot to.
#
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
+ # https://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
# Controls who can get stuff from this server.
#
<IfModule mod_authz_host.c>
+ Require all granted
+ </IfModule>
+ <IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>