From 5940322cf97667a2a7d3f2cfa684347bc87f1d72 Mon Sep 17 00:00:00 2001
From: Samuel Georges <sam@daftspunk.com>
Date: Fri, 20 Feb 2015 22:11:42 +1100
Subject: [PATCH] Improve htaccess security

---
 .htaccess | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/.htaccess b/.htaccess
index 0e4d108b3..e4c825cb8 100644
--- a/.htaccess
+++ b/.htaccess
@@ -14,8 +14,15 @@
     ##
     ## Black list protected files
     ##
-    RewriteRule themes/.*/(layouts|pages|partials)/.*.htm index.php [L,NC]
-    RewriteRule uploads/protected/.* index.php [L,NC]
+    RewriteRule ^themes/.*/(layouts|pages|partials)/.*.htm index.php [L,NC]
+    RewriteRule ^uploads/protected/.* index.php [L,NC]
+    RewriteRule ^bootstrap/.* index.php [L,NC]
+    RewriteRule ^config/.* index.php [L,NC]
+    RewriteRule ^vendor/.* index.php [L,NC]
+    RewriteRule ^storage/cms/.* index.php [L,NC]
+    RewriteRule ^storage/logs/.* index.php [L,NC]
+    RewriteRule ^storage/temp/.* index.php [L,NC]
+    RewriteRule ^storage/framework/.* index.php [L,NC]
 
     ##
     ## White listed folders and files