X-Git-Url: https://jasonwoof.com/gitweb/?a=blobdiff_plain;ds=sidebyside;f=.htaccess;h=3847e70629da989ae165b81e032a44a0b4d5928a;hb=28c561e83d6ffed819bc308af8daf59be7051662;hp=6d04476bf87aa647ec80c5e609cd317f0f7d0990;hpb=00f6a232f1a6022f53f4e3c9d0236d81db966b62;p=wfpl-cms.git
diff --git a/.htaccess b/.htaccess
index 6d04476..3847e70 100644
--- a/.htaccess
+++ b/.htaccess
@@ -2,14 +2,29 @@ php_value post_max_size 25M
php_value upload_max_filesize 20M
php_flag register_globals off
php_flag magic_quotes_gpc off
-Options -MultiViews
DirectorySlash Off
DirectoryIndex disabled
AddDefaultCharset UTF-8
+AddCharset UTF-8 .css
RewriteEngine on
-RewriteRule ^[^/.]*$ /config.php [L]
+RewriteRule ^[^/.]*$ /wfpl_main.php [L]
ExpiresActive On
ExpiresDefault A31536000
+
+# SECURITY: don't execute code on the server (exception below)
+SetHandler none
+SetHandler default-handler
+# this option is needed for RewriteRule to work:
+Options SymlinksIfOwnerMatch
+php_flag engine off
+RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo
+# code execution exception: allow only /wfpl_main.php
+# matches regardless of directory/path, so rewrite php in subdirs
+RewriteRule ^.*/.*\.php$ - [L,R=404]
+
+ php_flag engine on
+ SetHandler application/x-httpd-php
+