-
Notifications
You must be signed in to change notification settings - Fork 1
/
.htaccess.example
86 lines (73 loc) · 2.41 KB
/
.htaccess.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
Options -Indexes
<IfModule mod_headers.c>
SetEnvIf Origin "https?://(.+\.mudlet\.org|mudlet\.org)$" AccessControlAllowOrigin=$0
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /snapshots/
## If the current requesting IP is in our IP safelist the "ALLOWED" ENV var is set to 1.
UnsetEnv ALLOWED
RewriteRule .* - [E=ALLOWED:0]
RewriteCond ${allowed:%{REMOTE_ADDR}} 1
RewriteRule ^ - [E=ALLOWED:1]
## This rule only applies to PUT method requests.
RewriteCond %{REQUEST_METHOD} PUT
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{ENV:ALLOWED} 1
RewriteRule . /snapshots/put.php [L]
## This prevents access to put.php in any other method but PUT.
RewriteCond %{REQUEST_METHOD} !PUT
RewriteRule ^put.php /snapshots/index.php [L]
## This sets up /knock/ for checking requesting IPs.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{ENV:ALLOWED} 0
RewriteRule ^knock/?.*$ /snapshots/knock.php [L,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{ENV:ALLOWED} 1
RewriteRule ^knock/?.*$ /snapshots/knock.php?known=1 [L,NC]
## These directories may change depending on configs.
## This prevents direct access to these directories and files.
RewriteRule ^wp-plugin/?.*$ /snapshots/index.php [L]
RewriteRule ^\.git/?.*$ /snapshots/index.php [L]
RewriteRule ^files/?.*$ /snapshots/index.php [L]
RewriteRule ^tmp/?.*$ /snapshots/index.php [L]
RewriteRule ^lib/?.*$ /snapshots/index.php [L]
## This sets up our file download link.
RewriteCond %{REQUEST_METHOD} GET
RewriteRule ^([a-f0-9]+)/([^/]+)$ /snapshots/index.php?dl=$1_$2 [L]
## Finally, route all other requests back to index.
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_METHOD} !=PUT
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /snapshots/index.php [L]
</IfModule>
## These directives ensure access to special files is disabled.
<files "config.php">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>
<files "ip_list">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>
<files "*log">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order allow,deny
Deny from all
</IfModule>
</files>