123456789101112131415161718192021222324 |
- # Deny all requests from Apache 2.4+.
- <IfModule mod_authz_core.c>
- Require all denied
- </IfModule>
- # Deny all requests from Apache 2.0-2.2.
- <IfModule !mod_authz_core.c>
- Deny from all
- </IfModule>
- # Turn off all options we don't need.
- Options -Indexes -ExecCGI -Includes -MultiViews
- # Set the catch-all handler to prevent scripts from being executed.
- SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
- <Files *>
- # Override the handler again if we're run later in the evaluation list.
- SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
- </Files>
- # If we know how to do it safely, disable the PHP engine entirely.
- <IfModule mod_php7.c>
- php_flag engine off
- </IfModule>
|