Comments (4)
@swissspidy take a look at https://github.com/ttssdev/appflow/blob/master/playbooks/roles/web/templates/wp_bedrock/htaccess.j2 -- we provision this as default `.htaccess`. When we set `htaccess_ithemes_security_enable: true` for a vhost in `conf_vhosts_common` we also enable all the iThemes Security Config Details which should include what you need, take a look at the file.
from appside.
`Disable Directory Listing everywhere` has been implemented with 68b9e2f, verified by @swissspidy.
from appside.
@swissspidy any code for `Disallow executing PHP directly in wp-includes and web/app`?
from appside.
Usually we'd do something like this:

```apache
<Directory "/app/uploads/">
    <Files "*.php">
        Order Deny,Allow
        Deny from All
    </Files>
</Directory>
```

But apparently, we can easily set this via iThemes Security. As long as the current `.htaccess` from that plugin is correct, it should work. It does this by adding new rewrite rules:

```apache
<IfModule mod_rewrite.c>
    RewriteEngine On

    # Protect System Files - Security > Settings > System Tweaks > System Files
    RewriteRule ^wp-admin/install\.php$ - [F]
    RewriteRule ^wp-admin/includes/ - [F]
    RewriteRule !^wp-includes/ - [S=3]
    RewriteRule ^wp-includes/[^/]+\.php$ - [F]
    RewriteRule ^wp-includes/js/tinymce/langs/.+\.php - [F]
    RewriteRule ^wp-includes/theme-compat/ - [F]

    # Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads
    RewriteRule ^app/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)$ - [NC,F]

    # …
</IfModule>
```

How can I update the `.htaccess` with the latest updates from iThemes security to test this?
from appside.
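
To check a provisioned `.htaccess` against the rewrite block quoted above before testing on a live vhost, the rules can be evaluated offline. This is an added example, not code from the thread, appflow or iThemes Security: it models only the flags those rules use (`F`, `NC`, `S=n` and the `!` negation), uses Python's `re` as a stand-in for Apache's regex engine, ignores the elided `# …` part, and runs on constructed sample paths.

```python
import re

# (pattern, flags) copied from the rewrite block quoted in the thread.
# Every rule there uses "-" as substitution, so only the flags matter.
RULES = [
    (r"^wp-admin/install\.php$", "F"),
    (r"^wp-admin/includes/", "F"),
    (r"!^wp-includes/", "S=3"),
    (r"^wp-includes/[^/]+\.php$", "F"),
    (r"^wp-includes/js/tinymce/langs/.+\.php", "F"),
    (r"^wp-includes/theme-compat/", "F"),
    (r"^app/uploads/.*\.(?:php[1-7]?|pht|phtml?|phps)$", "NC,F"),
]

def evaluate(path, rules=RULES):
    """Return ("forbidden", rule_index) or ("pass", None) for a path.

    Models only what these rules use: a leading "!" negates the pattern,
    NC ignores case, F answers 403 and stops, S=n skips the next n rules.
    """
    i = 0
    while i < len(rules):
        pattern, flagstr = rules[i]
        flags = flagstr.split(",")
        negate = pattern.startswith("!")
        regex = pattern[1:] if negate else pattern
        hit = re.search(regex, path, re.I if "NC" in flags else 0) is not None
        if hit != negate:  # the rule applies to this path
            if "F" in flags:
                return "forbidden", i
            for flag in flags:
                if flag.startswith("S="):
                    i += int(flag[2:])  # jump over the next n rules
        i += 1
    return "pass", None  # no rule here forbade the request

# Constructed sample paths, written as .htaccess sees them (no leading slash).
SAMPLES = [
    "wp-admin/install.php",
    "wp-includes/version.php",
    "wp-includes/theme-compat/header.php",
    "wp-includes/js/jquery/jquery.js",
    "app/uploads/2020/file.PHP",
    "app/uploads/2020/photo.jpg",
    "index.php",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{sample:40} {evaluate(sample)}")
```

The rule index in the result shows the effect of `[S=3]`: any path outside `wp-includes/` jumps straight from the third rule to the uploads rule.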