Diff -- /var/www/vhosts/webstls.com/httpdocs/uploads/.htaccess
Diff
/var/www/vhosts/webstls.com/httpdocs/uploads/.htaccess
added on WebSTLs (webstls.com) at 2026-07-01 22:27:09
Added
+0
lines
Removed
-0
lines
Context
20
unchanged
Blobs
from a47be3136568
to a47be3136568
to a47be3136568
Unified diff
Naive LCS-based line diff. Additions in emerald, deletions in rose. Both sides decompressed live from BLOB_STORE.| 1 | 1 | # Block all direct HTTP access to uploaded image files. They are served |
| 2 | 2 | # only through /img.cgi, which validates the requested id against the |
| 3 | 3 | # page_images table and streams the bytes. The CGI reads files from |
| 4 | 4 | # this directory via the filesystem, so it is unaffected by these rules. |
| 5 | 5 | # |
| 6 | 6 | # Defense-in-depth: even if a stranger guesses the on-disk path, |
| 7 | 7 | # Apache refuses to serve it. |
| 8 | 8 | |
| 9 | 9 | Options -Indexes |
| 10 | 10 | |
| 11 | 11 | <IfModule mod_authz_core.c> |
| 12 | 12 | # Apache 2.4+ |
| 13 | 13 | Require all denied |
| 14 | 14 | </IfModule> |
| 15 | 15 | |
| 16 | 16 | <IfModule !mod_authz_core.c> |
| 17 | 17 | # Apache 2.2 |
| 18 | 18 | Order deny,allow |
| 19 | 19 | Deny from all |
| 20 | 20 | </IfModule> |