Diff -- /var/www/vhosts/webstls.com/httpdocs/uploads/.htaccess
Diff
/var/www/vhosts/webstls.com/httpdocs/uploads/.htaccess
deleted on WebSTLs (webstls.com) at 2026-07-12 08:45:24
Added
+0
lines
Removed
-20
lines
Context
0
unchanged
Blobs
from a47be3136568
to
to
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.| 1 | # Block all direct HTTP access to uploaded image files. They are served | |
| 2 | # only through /img.cgi, which validates the requested id against the | |
| 3 | # page_images table and streams the bytes. The CGI reads files from | |
| 4 | # this directory via the filesystem, so it is unaffected by these rules. | |
| 5 | # | |
| 6 | # Defense-in-depth: even if a stranger guesses the on-disk path, | |
| 7 | # Apache refuses to serve it. | |
| 8 | ||
| 9 | Options -Indexes | |
| 10 | ||
| 11 | <IfModule mod_authz_core.c> | |
| 12 | # Apache 2.4+ | |
| 13 | Require all denied | |
| 14 | </IfModule> | |
| 15 | ||
| 16 | <IfModule !mod_authz_core.c> | |
| 17 | # Apache 2.2 | |
| 18 | Order deny,allow | |
| 19 | Deny from all | |
| 20 | </IfModule> |