let cms do header/title on /contact

[wfpl-cms.git] / .htaccess

diff --git a/.htaccess b/.htaccess
index 832b4a5..3847e70 100644 (file)
--- a/.htaccess
+++ b/.htaccess
@@ -2,15 +2,29 @@ php_value post_max_size 25M
 php_value upload_max_filesize 20M
 php_flag register_globals off
 php_flag magic_quotes_gpc off
-Options -MultiViews
 DirectorySlash Off
+DirectoryIndex disabled
 AddDefaultCharset UTF-8
+AddCharset UTF-8 .css
 RewriteEngine  on
-RewriteRule    ^[^/.]*$  /run.php [L]
-RewriteRule    ^style_[0-9]*.css$  /style.css [L]
-RewriteRule    ^style_[0-9]*.less$  /style.less [L]
+RewriteRule ^[^/.]*$ /wfpl_main.php [L]
 
 <FilesMatch "\.(css|jpg|png)$">
        ExpiresActive On
        ExpiresDefault A31536000
 </FilesMatch>
+
+# SECURITY: don't execute code on the server (exception below)
+SetHandler none
+SetHandler default-handler
+# this option is needed for RewriteRule to work:
+Options SymlinksIfOwnerMatch
+php_flag engine off
+RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo
+# code execution exception: allow only /wfpl_main.php
+# <Files> matches regardless of directory/path, so rewrite php in subdirs
+RewriteRule ^.*/.*\.php$ - [L,R=404]
+<Files "wfpl_main.php">
+       php_flag engine on
+       SetHandler application/x-httpd-php
+</Files>