|
@@ -0,0 +1,24 @@
|
|
|
|
|
+# Deny all requests from Apache 2.4+.
|
|
|
|
|
+<IfModule mod_authz_core.c>
|
|
|
|
|
+ Require all denied
|
|
|
|
|
+</IfModule>
|
|
|
|
|
+
|
|
|
|
|
+# Deny all requests from Apache 2.0-2.2.
|
|
|
|
|
+<IfModule !mod_authz_core.c>
|
|
|
|
|
+ Deny from all
|
|
|
|
|
+</IfModule>
|
|
|
|
|
+
|
|
|
|
|
+# Turn off all options we don't need.
|
|
|
|
|
+Options -Indexes -ExecCGI -Includes -MultiViews
|
|
|
|
|
+
|
|
|
|
|
+# Set the catch-all handler to prevent scripts from being executed.
|
|
|
|
|
+SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
|
|
|
|
|
+<Files *>
|
|
|
|
|
+ # Override the handler again if we're run later in the evaluation list.
|
|
|
|
|
+ SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
|
|
|
|
|
+</Files>
|
|
|
|
|
+
|
|
|
|
|
+# If we know how to do it safely, disable the PHP engine entirely.
|
|
|
|
|
+<IfModule mod_php7.c>
|
|
|
|
|
+ php_flag engine off
|
|
|
|
|
+</IfModule>
|
