Commit 757ce514 authored by gdd's avatar gdd

Removed sig from global htaccess, create a new one in the config directory at...

Removed sig from global htaccess, create a new one in the config directory at install time which simply does a DenyFromAll, just like private files
parent 70261af6
...@@ -3,7 +3,7 @@ ...@@ -3,7 +3,7 @@
# #
# Protect files and directories from prying eyes. # Protect files and directories from prying eyes.
<FilesMatch "\.(sig|engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$"> <FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny Order allow,deny
</FilesMatch> </FilesMatch>
......
...@@ -467,6 +467,7 @@ function file_ensure_htaccess() { ...@@ -467,6 +467,7 @@ function file_ensure_htaccess() {
file_save_htaccess('private://', TRUE); file_save_htaccess('private://', TRUE);
} }
file_save_htaccess('temporary://', TRUE); file_save_htaccess('temporary://', TRUE);
file_save_htaccess(config_get_config_directory(), TRUE);
} }
/** /**
......
...@@ -1011,6 +1011,11 @@ function install_settings_form_submit($form, &$form_state) { ...@@ -1011,6 +1011,11 @@ function install_settings_form_submit($form, &$form_state) {
if (!file_prepare_directory($config_path, FILE_CREATE_DIRECTORY)) { if (!file_prepare_directory($config_path, FILE_CREATE_DIRECTORY)) {
// How best to handle errors here? // How best to handle errors here?
}; };
// Write out a .htaccess file that will protect the config directory from
// prying eyes.
file_save_htaccess($config_path, TRUE);
// Indicate that the settings file has been verified, and check the database // Indicate that the settings file has been verified, and check the database
// for the last completed task, now that we have a valid connection. This // for the last completed task, now that we have a valid connection. This
// last step is important since we want to trigger an error if the new // last step is important since we want to trigger an error if the new
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment