projects / chef.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3fa8093)
wordpress: Restrict access to a few version discovery vectors
authorGrant Slater <git@firefishy.com>
Tue, 31 Mar 2015 23:00:39 +0000 (00:00 +0100)
committerGrant Slater <git@firefishy.com>
Tue, 31 Mar 2015 23:00:39 +0000 (00:00 +0100)
cookbooks/wordpress/templates/default/apache.erb patch | blob | history

diff --git a/cookbooks/wordpress/templates/default/apache.erb b/cookbooks/wordpress/templates/default/apache.erb
index 95ea84ff77949a9e7b838b51fff25271ee335164..200c500894c285c1a0743e4fe7c306c07d432990 100644 (file)
--- a/cookbooks/wordpress/templates/default/apache.erb
+++ b/cookbooks/wordpress/templates/default/apache.erb
@@ -57,6 +57,7 @@
     RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
     RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
     RewriteRule ^wp-includes/theme-compat/ - [F,L]
+    RewriteRule ^readme\.html$ [F,L]
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteRule . /index.php [L]
@@ -85,6 +86,10 @@
     Require all denied
   </Directory>
 
+  <Files ~ "\.(txt|md)$">
+    Require all denied
+  </Files>
+
   <Files ~ "~$">
     Require all denied
   </Files>
Chef configuration management public repo for configuring & maintaining the OpenStreetMap servers.