1 <?xml version="1.0" encoding="UTF-8"?>
6 <add name="X-UA-Compatible" value="IE=edge" />
7 <add name="Cache-Control" value="Public" />
14 <rule name="TYPO3 - Block access to composer files">
15 <match url="composer\.(?:json|lock)" ignoreCase="true" />
16 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
18 <rule name="TYPO3 - Block access to flexform files">
19 <match url="flexform[^.]*\.xml" ignoreCase="true" />
20 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
22 <rule name="TYPO3 - Block access to language files">
23 <match url="locallang[^.]*\.(?:xml|xlf)$" ignoreCase="true" />
24 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
26 <rule name="TYPO3 - Block access to static typoscript files">
27 <match url="ext_conf_template\.txt|ext_typoscript_constants\.txt|ext_typoscript_setup\.txt" ignoreCase="true" />
28 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
30 <rule name="TYPO3 - Block access to miscellaneous protected files">
31 <match url="/.*\.(?:bak|co?nf|cfg|ya?ml|ts|typoscript|tsconfig|dist|fla|in[ci]|log|sh|sql|sqlite)$" ignoreCase="true" />
32 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
34 <rule name="TYPO3 - Block access to recycler and temporary directories">
35 <match url="_(?:recycler|temp)_/" ignoreCase="false" />
36 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
38 <rule name="TYPO3 - Block access to configuration files stored in fileadmin">
39 <match url="fileadmin/(?:templates)/.*\.(?:txt|ts)$" ignoreCase="false" />
40 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
42 <rule name="TYPO3 - Block access to libraries, source and temporary compiled data">
43 <match url="^(?:vendor|typo3_src|typo3temp/var)" ignoreCase="false" />
44 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
46 <rule name="TYPO3 - Block access to protected extension directories">
47 <match url="(?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/" ignoreCase="false" />
48 <action type="CustomResponse" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
50 <rule name="TYPO3 - Static File Directories" stopProcessing="true">
51 <match url="^/(typo3|typo3temp|typo3conf|t3lib|tslib|fileadmin|uploads|showpic\.php|favicon\.ico)$" />
52 <action type="None" />
54 <rule name="TYPO3 - If the file/directory does not exist => Redirect to index.php." stopProcessing="true">
55 <match url="^.*$" ignoreCase="false" />
56 <conditions logicalGrouping="MatchAll">
57 <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
58 <add input="{REQUEST_FILENAME}" matchType="IsDirectory" negate="true" />
60 <action type="Rewrite" url="index.php" appendQueryString="true" />
66 <clientCache cacheControlMode="UseMaxAge" cacheControlMaxAge="8.00:00:00" />