Commit 887bc359 authored by helmo's avatar helmo

Multi-site hardening

parent eb052650
......@@ -82,7 +82,7 @@ if ($this->redirection) {
# Prevent direct reading of files in the private dir.
# This is for Drupal7 compatibility, which would normally drop
# a .htaccess in those directories, but we explicitly ignore those
<Directory "<?php print $this->site_path; ?>/private/" >
<Directory ~ "sites/.*/private">
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
......
......@@ -39,7 +39,7 @@ Alias /<?php print $subdir; ?> <?php print $this->root; ?>
# Prevent direct reading of files in the private dir.
# This is for Drupal7 compatibility, which would normally drop
# a .htaccess in those directories, but we explicitly ignore those
<Directory "<?php print $this->site_path; ?>/private/" >
<Directory ~ "sites/.*/private">
SetHandler This_is_a_Drupal_security_line_do_not_remove
Deny from all
Options None
......
......@@ -83,7 +83,7 @@ if ($this->redirection || $ssl_redirection) {
# Prevent direct reading of files in the private dir.
# This is for Drupal7 compatibility, which would normally drop
# a .htaccess in those directories, but we explicitly ignore those
<Directory "<?php print $this->site_path; ?>/private/" >
<Directory ~ "sites/.*/private">
<Files *>
SetHandler This_is_a_Drupal_security_line_do_not_remove
</Files>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment