beenull/Pico
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
901 commits 4 branches 36 tags 15 MiB
Commit graph

16 commits

Author SHA1 Message Date
Daniel Rudolf 6bb65fb12b
Deny access to composer.phar in .htaccess 
This file might be present if users strictly follow our install instructions
 and don't delete it on their own after successfully installing Pico.
 2018-01-27 21:03:45 +01:00
Daniel Rudolf e517eac396
Improve .htaccess regex 
Deny access to all dot files and dirs by default (except .well-known)

Update nginx rules accordingly and pass denied requests to Pico rather than letting nginx send a 404 response
 2017-12-24 13:58:42 +01:00
Daniel Rudolf 91771e67af
Update .htaccess 2017-06-14 12:03:30 +02:00
Daniel Rudolf ddf3da0391
Merge branch 'master' into pico-1.1 
Conflicts:
	.htaccess
	config/config.php.template
	content-sample/index.md
	lib/Pico.php
 2016-06-18 20:23:23 +02:00
Daniel Rudolf 86b2839660
Update .htaccess 
Thanks @smcdougall, see ee5b4f0d56 (commitcomment-17304977)
 2016-04-29 18:02:19 +02:00
Daniel Rudolf 0f8deda6a3
Update .htaccess 
Sync with Pico 1.0.3; see ee5b4f0
 2016-04-27 21:07:59 +02:00
Daniel Rudolf ee5b4f0d56
.htaccess: Deny access to CHANGELOG.md, composer.json, composer.lock 
See discussion in #343
 2016-04-27 21:02:20 +02:00
Daniel Rudolf 6465c2b0a9
Support REQUEST_URI routing method 
With Pico 1.0 you had to setup URL rewriting (e.g. using `mod_rewrite` on Apache) in a way that rewritten URLs follow the `QUERY_STRING` principles. Starting with version 1.1, Pico additionally supports the `REQUEST_URI` routing method, what allows you to simply rewrite all requests to just `index.php`. Pico then reads the requested page from the `REQUEST_URI` environment variable provided by the webserver. Please note that `QUERY_STRING` takes precedence over `REQUEST_URI`.
 2016-04-24 20:11:05 +02:00
Daniel Rudolf 31e55ca24a
.htaccess: Pass full URL to Pico when requesting content, lib... dirs 
This allows Pico to e.g. serve content/config.md when http://example.com/pico/config/ is requested
 2016-04-24 04:14:58 +02:00
Daniel Rudolf 49cb6c144a
Use Pico's 404.md to deny access to lib, content... dirs 2016-04-24 04:06:40 +02:00
Daniel Rudolf b77c9da29b Force Apache's MultiViews feature to be disabled 
Thanks @sonst-was for reporting this. Resolves #329
 2016-02-24 23:28:41 +01:00
Daniel Rudolf fbb744dd43 Deny access to config, content, content-sample, lib and vendor dirs 
Send 404 Not Found instead of 403 Forbidden
 2015-10-01 22:42:23 +02:00
Daniel Rudolf c44afd396d Update .htaccess 2015-08-28 18:37:36 +02:00
theshka a335eec82a add rewrite base directive 2015-05-25 07:51:18 -04:00
theshka b11a358505 add comments and RewriteBase directive 2015-05-25 07:41:08 -04:00
Gilbert Pellegrom 92b792e8f2 Initial commit. 2012-04-04 14:45:09 +01:00