.htaccess 686 B

123456789101112131415161718192021222324
  1. # Deny all requests from Apache 2.4+.
  2. <IfModule mod_authz_core.c>
  3. Require all denied
  4. </IfModule>
  5. # Deny all requests from Apache 2.0-2.2.
  6. <IfModule !mod_authz_core.c>
  7. Deny from all
  8. </IfModule>
  9. # Turn off all options we don't need.
  10. Options -Indexes -ExecCGI -Includes -MultiViews
  11. # Set the catch-all handler to prevent scripts from being executed.
  12. SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
  13. <Files *>
  14. # Override the handler again if we're run later in the evaluation list.
  15. SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
  16. </Files>
  17. # If we know how to do it safely, disable the PHP engine entirely.
  18. <IfModule mod_php5.c>
  19. php_flag engine off
  20. </IfModule>