r3v3rb

Fixed! how on earth would framework get chmod'ed to writeable by group!

r3v3rb

which is the same across all sites on the server, except for some extra https & compression settings in the others

r3v3rb
  1. ### SILVERSTRIPE START ###
  2.  
  3. # Deny access to templates (but allow from localhost)
  4. <Files *.ss>
  5. Order deny,allow
  6. Deny from all
  7. Allow from 127.0.0.1
  8. </Files>
  9.  
  10. # Deny access to IIS configuration
  11. <Files web.config>
  12. Order deny,allow
  13. Deny from all
  14. </Files>
  15.  
  16. # Deny access to YAML configuration files which might include sensitive information
  17. <Files ~ "\.ya?ml$">
  18. Order allow,deny
  19. Deny from all
  20. </Files>
  21.  
  22. # Route errors to static pages automatically generated by SilverStripe
  23. ErrorDocument 404 /assets/error-404.html
  24. ErrorDocument 500 /assets/error-500.html
  25.  
  26. <IfModule mod_env.c>
  27. # Ensure that X-Forwarded-Host is only allowed to determine the request
  28. # hostname for servers ips defined by SS_TRUSTED_PROXY_IPS in your _ss_environment.php
  29. # Note that in a future release this setting will be always on.
  30. SetEnv BlockUntrustedIPs true
  31. </IfModule>
  32.  
  33. <IfModule mod_rewrite.c>
  34. # Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
  35. <IfModule mod_dir.c>
  36. DirectoryIndex disabled
  37. </IfModule>
  38.  
  39. SetEnv HTTP_MOD_REWRITE On
  40. RewriteEngine On
  41.  
  42. # Enable HTTP Basic authentication workaround for PHP running in CGI mode
  43. RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
  44.  
  45. # Deny access to potentially sensitive files and folders
  46. RewriteRule ^vendor(/|$) - [F,L,NC]
  47. RewriteRule silverstripe-cache(/|$) - [F,L,NC]
  48. RewriteRule composer\.(json|lock) - [F,L,NC]
  49.  
  50. # Process through SilverStripe if no file with the requested name exists.
  51. # Pass through the original path as a query parameter, and retain the existing parameters.
  52. RewriteCond %{REQUEST_URI} ^(.*)$
  53. RewriteCond %{REQUEST_FILENAME} !-f
  54. RewriteRule .* framework/main.php?url=%1 [QSA]
  55.  
  56. # If framework isn't in a subdirectory, rewrite to installer
  57. RewriteCond %{REQUEST_URI} ^(.*)/framework/main.php$
  58. RewriteCond %{REQUEST_FILENAME} !-f
  59. RewriteRule . %1/install.php? [R,L]
  60.  
  61. </IfModule>
  62. ### SILVERSTRIPE END
  63.  
  64. # php -- BEGIN cPanel-generated handler, do not edit
  65. # Set the "ea-php71" package as the default "PHP" programming language.
  66. <IfModule mime_module>
  67. AddHandler application/x-httpd-ea-php71 .php .php7 .phtml
  68. </IfModule>
  69. # php -- END cPanel-generated handler, do not edit

using... currently

r3v3rb

hmm, looking like a htaccess after all - /index.php/dev/build works