Commit 757ce514 authored by gdd's avatar gdd

Removed sig from global htaccess, create a new one in the config directory at...

Removed sig from global htaccess, create a new one in the config directory at install time which simply does a DenyFromAll, just like private files
parent 70261af6
......@@ -3,7 +3,7 @@
#
# Protect files and directories from prying eyes.
<FilesMatch "\.(sig|engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
<FilesMatch "\.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$">
Order allow,deny
</FilesMatch>
......
......@@ -467,6 +467,7 @@ function file_ensure_htaccess() {
file_save_htaccess('private://', TRUE);
}
file_save_htaccess('temporary://', TRUE);
file_save_htaccess(config_get_config_directory(), TRUE);
}
/**
......
......@@ -1011,6 +1011,11 @@ function install_settings_form_submit($form, &$form_state) {
if (!file_prepare_directory($config_path, FILE_CREATE_DIRECTORY)) {
// How best to handle errors here?
};
// Write out a .htaccess file that will protect the config directory from
// prying eyes.
file_save_htaccess($config_path, TRUE);
// Indicate that the settings file has been verified, and check the database
// for the last completed task, now that we have a valid connection. This
// last step is important since we want to trigger an error if the new
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment