[TASK] Disallow access to documentation folders 30/47930/2
authorMarkus Klein <markus.klein@typo3.org>
Wed, 27 Apr 2016 08:12:51 +0000 (10:12 +0200)
committerFrank Naegler <frank.naegler@typo3.org>
Thu, 5 May 2016 19:11:11 +0000 (21:11 +0200)
Update the default .htaccess file. The users must update their
actual configuration (.htaccess or server config) manually.

Resolves: #75934
Releases: master, 7.6, 6.2
Change-Id: I8e40263c72f68c44cb8fd8c1944a44e4d38d9daa
Reviewed-on: https://review.typo3.org/47930
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
_.htaccess

index 910a643..e8a50f6 100644 (file)
@@ -288,7 +288,7 @@ AddDefaultCharset utf-8
        RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
        RewriteRule typo3temp/var/ - [F]
        RewriteRule ^(vendor|typo3_src) - [F]
-       RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
+       RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F]
 
        # Block access to all hidden files and directories with the exception of
        # the visible content from within the `/.well-known/` hidden directory (RFC 5785).