# Remove autoindex
# NOTE(review): IndexIgnore only hides matching entries from a generated
# directory listing; it does not turn listings off. `Options -Indexes` is the
# directive that disables them, where AllowOverride permits Options.
IndexIgnore */*
# Try to set PHP settings: upload and POST body limits, both 20M.
# NOTE(review): the same pair appears twice with no container around either
# copy; presumably each pair sat inside its own <IfModule> for one PHP module
# version and the containers were lost from this listing - confirm against the
# deployed file. Unwrapped, php_value is an unknown directive (HTTP 500 on
# every request) whenever mod_php is not loaded, e.g. under PHP-FPM or CGI.
# post_max_size covers the whole request body, so setting it equal to
# upload_max_filesize leaves no headroom for the other form fields.
php_value upload_max_filesize 20M
php_value post_max_size 20M
php_value upload_max_filesize 20M
php_value post_max_size 20M
# Deny access to files starting with dot
# NOTE(review): none of the three Order/Deny pairs below has a visible
# <Files>/<FilesMatch> container, although each comment describes a file-name
# scope. As listed, a bare `Deny from all` refuses every request to this
# directory tree; confirm the deployed file still carries the containers.
# Order/Deny is Apache 2.2 syntax (provided by mod_access_compat on 2.4); the
# 2.4 form is `Require all denied`.
Order allow,deny
Deny from all
# Deny access to log, sql, htaccess etc.
Order allow,deny
Deny from all
# Deny access to VERSION, REVISION and config file
Order allow,deny
Deny from all
# Disable indexing of php, html, htm, pdf files
# NOTE(review): no <FilesMatch> is visible here, so as listed the header is
# added to every response, not only to those file types. Needs mod_headers.
# X-Robots-Tag is advisory for crawlers; it is not an access control, so
# anything that must stay private still needs a deny rule.
Header set X-Robots-Tag: "noindex"
# Switch on mod_rewrite processing for this directory; the RewriteCond and
# RewriteRule lines that follow have no effect without it.
RewriteEngine On
# Tell PHP that the mod_rewrite module is ENABLED.
# As listed, the variable is set unconditionally, so it shows that this file
# was processed rather than proving that rewriting works - presumably the
# application reads it to choose its URL style; verify against the PHP side.
SetEnv HTTP_MOD_REWRITE On
# Protected folders: a request whose path begins with one of these directory
# names is answered with 403 Forbidden ([F]); [L] stops rule processing.
# The six names share one non-capturing alternation, anchored at the start of
# the path relative to this file.
RewriteRule ^(?:backup|docs|include|locale|logs|update)/ - [F,L]
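# Deny access to svn, git, node_modules and vendor folders.
# The dot before "git" and "svn" is escaped so each pattern matches only the
# literal hidden directory; an unescaped "." matches any single character.
# Version-control metadata served over HTTP exposes source and history, and
# dependency trees are not meant to be requested directly, so all four are
# answered with 403 Forbidden.
# The patterns are anchored with ^, so only directories at the top of the
# tree this file governs are covered; nested copies need their own rule.
RewriteRule ^\.git/ - [F,L]
RewriteRule ^\.svn/ - [F,L]
RewriteRule ^node_modules/ - [F,L]
RewriteRule ^vendor/ - [F,L]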
# Disable HTTP TRACE
# Any request whose method starts with "TRACE" is answered with 403 Forbidden.
# The server-wide switch, TraceEnable, is only valid in server or virtual-host
# configuration; if this file is an .htaccess, this condition/rule pair is the
# per-directory substitute. Confirm the result with a TRACE request after
# deployment.
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]
# Prevent hacks
# proc/self/environ? no way!
RewriteCond %{QUERY_STRING} proc/self/environ [OR]
# Block out any script trying to set a mosConfig value through the URL
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|\%3D) [OR]
# Block out any script trying to base64_encode crap to send via URL
RewriteCond %{QUERY_STRING} base64_encode.*(.*) [OR]
# Block out any script that includes a