From 2ab1c9a9ba10edf567ae98fa9a8dc54263e0441d Mon Sep 17 00:00:00 2001 From: Nick Freear Date: Tue, 6 Feb 2018 17:38:43 +0000 Subject: [PATCH] Security edit to Apache configuration `mod_rewrite` - "410 Gone" * Block script attacks --- app/_data/openessayist.open.ac.uk-apache.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/_data/openessayist.open.ac.uk-apache.conf b/app/_data/openessayist.open.ac.uk-apache.conf index 3d6c4e0..32643c7 100644 --- a/app/_data/openessayist.open.ac.uk-apache.conf +++ b/app/_data/openessayist.open.ac.uk-apache.conf @@ -44,6 +44,8 @@ NameVirtualHost *:80 # https://codex.wordpress.org/htaccess RewriteEngine on RewriteBase / + # Block script attacks (gone = 410) + RewriteRule (phpmyadmin|setup|install|sql|db) - [nocase,gone] RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d