wordpress: Restrict access to a few version discovery vectors
authorGrant Slater <git@firefishy.com>
Tue, 31 Mar 2015 23:00:39 +0000 (00:00 +0100)
committerGrant Slater <git@firefishy.com>
Tue, 31 Mar 2015 23:00:39 +0000 (00:00 +0100)
cookbooks/wordpress/templates/default/apache.erb

index 95ea84ff77949a9e7b838b51fff25271ee335164..200c500894c285c1a0743e4fe7c306c07d432990 100644 (file)
@@ -57,6 +57,7 @@
     RewriteRule ^wp-includes/[^/]+\.php$ - [F,L]
     RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F,L]
     RewriteRule ^wp-includes/theme-compat/ - [F,L]
+    RewriteRule ^readme\.html$ [F,L]
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteRule . /index.php [L]
     Require all denied
   </Directory>
 
+  <Files ~ "\.(txt|md)$">
+    Require all denied
+  </Files>
+
   <Files ~ "~$">
     Require all denied
   </Files>