URI should end with the extension
This prevents access to files such as script.jpg.php, while such a file is not possible to upload today, we can never be too sure.
This commit is contained in:
Samuel Georges
parent
c7530eece9
commit
83fbddf5ee
68
.htaccess
68
.htaccess
|
|
@ -29,40 +29,40 @@
|
|||
## White listed folders and files
|
||||
##
|
||||
RewriteCond %{REQUEST_FILENAME} -f
|
||||
RewriteCond %{REQUEST_URI} !\.js
|
||||
RewriteCond %{REQUEST_URI} !\.map
|
||||
RewriteCond %{REQUEST_URI} !\.ico
|
||||
RewriteCond %{REQUEST_URI} !\.jpg
|
||||
RewriteCond %{REQUEST_URI} !\.jpeg
|
||||
RewriteCond %{REQUEST_URI} !\.bmp
|
||||
RewriteCond %{REQUEST_URI} !\.png
|
||||
RewriteCond %{REQUEST_URI} !\.gif
|
||||
RewriteCond %{REQUEST_URI} !\.svg
|
||||
RewriteCond %{REQUEST_URI} !\.css
|
||||
RewriteCond %{REQUEST_URI} !\.less
|
||||
RewriteCond %{REQUEST_URI} !\.scss
|
||||
RewriteCond %{REQUEST_URI} !\.pdf
|
||||
RewriteCond %{REQUEST_URI} !\.swf
|
||||
RewriteCond %{REQUEST_URI} !\.txt
|
||||
RewriteCond %{REQUEST_URI} !\.xml
|
||||
RewriteCond %{REQUEST_URI} !\.xls
|
||||
RewriteCond %{REQUEST_URI} !\.eot
|
||||
RewriteCond %{REQUEST_URI} !\.woff
|
||||
RewriteCond %{REQUEST_URI} !\.woff2
|
||||
RewriteCond %{REQUEST_URI} !\.ttf
|
||||
RewriteCond %{REQUEST_URI} !\.flv
|
||||
RewriteCond %{REQUEST_URI} !\.wmv
|
||||
RewriteCond %{REQUEST_URI} !\.mp3
|
||||
RewriteCond %{REQUEST_URI} !\.ogg
|
||||
RewriteCond %{REQUEST_URI} !\.wav
|
||||
RewriteCond %{REQUEST_URI} !\.avi
|
||||
RewriteCond %{REQUEST_URI} !\.mov
|
||||
RewriteCond %{REQUEST_URI} !\.mp4
|
||||
RewriteCond %{REQUEST_URI} !\.mpeg
|
||||
RewriteCond %{REQUEST_URI} !\.webm
|
||||
RewriteCond %{REQUEST_URI} !\.mkv
|
||||
RewriteCond %{REQUEST_URI} !\.rar
|
||||
RewriteCond %{REQUEST_URI} !\.zip
|
||||
RewriteCond %{REQUEST_URI} !\.js$
|
||||
RewriteCond %{REQUEST_URI} !\.map$
|
||||
RewriteCond %{REQUEST_URI} !\.ico$
|
||||
RewriteCond %{REQUEST_URI} !\.jpg$
|
||||
RewriteCond %{REQUEST_URI} !\.jpeg$
|
||||
RewriteCond %{REQUEST_URI} !\.bmp$
|
||||
RewriteCond %{REQUEST_URI} !\.png$
|
||||
RewriteCond %{REQUEST_URI} !\.gif$
|
||||
RewriteCond %{REQUEST_URI} !\.svg$
|
||||
RewriteCond %{REQUEST_URI} !\.css$
|
||||
RewriteCond %{REQUEST_URI} !\.less$
|
||||
RewriteCond %{REQUEST_URI} !\.scss$
|
||||
RewriteCond %{REQUEST_URI} !\.pdf$
|
||||
RewriteCond %{REQUEST_URI} !\.swf$
|
||||
RewriteCond %{REQUEST_URI} !\.txt$
|
||||
RewriteCond %{REQUEST_URI} !\.xml$
|
||||
RewriteCond %{REQUEST_URI} !\.xls$
|
||||
RewriteCond %{REQUEST_URI} !\.eot$
|
||||
RewriteCond %{REQUEST_URI} !\.woff$
|
||||
RewriteCond %{REQUEST_URI} !\.woff2$
|
||||
RewriteCond %{REQUEST_URI} !\.ttf$
|
||||
RewriteCond %{REQUEST_URI} !\.flv$
|
||||
RewriteCond %{REQUEST_URI} !\.wmv$
|
||||
RewriteCond %{REQUEST_URI} !\.mp3$
|
||||
RewriteCond %{REQUEST_URI} !\.ogg$
|
||||
RewriteCond %{REQUEST_URI} !\.wav$
|
||||
RewriteCond %{REQUEST_URI} !\.avi$
|
||||
RewriteCond %{REQUEST_URI} !\.mov$
|
||||
RewriteCond %{REQUEST_URI} !\.mp4$
|
||||
RewriteCond %{REQUEST_URI} !\.mpeg$
|
||||
RewriteCond %{REQUEST_URI} !\.webm$
|
||||
RewriteCond %{REQUEST_URI} !\.mkv$
|
||||
RewriteCond %{REQUEST_URI} !\.rar$
|
||||
RewriteCond %{REQUEST_URI} !\.zip$
|
||||
RewriteCond %{REQUEST_URI} !docs/.*
|
||||
RewriteCond %{REQUEST_URI} !themes/.*
|
||||
RewriteRule ^ index.php [L,NC]
|
||||
|
|
|
|||
Loading…
Reference in New Issue