X-Git-Url: https://jasonwoof.com/gitweb/?p=wfpl-cms.git;a=blobdiff_plain;f=.htaccess;h=38ace93f74672878f8e2f872303fcef7e340b5b5;hp=c496a282feb1c293579655da7846a53b69519ddf;hb=HEAD;hpb=7eee99585040417e2be07833570d11ccd7e66c44 diff --git a/.htaccess b/.htaccess index c496a28..38ace93 100644 --- a/.htaccess +++ b/.htaccess @@ -1,5 +1,5 @@ -php_value post_max_size 25M -php_value upload_max_filesize 20M +php_value post_max_size 250M +php_value upload_max_filesize 200M php_flag register_globals off php_flag magic_quotes_gpc off DirectorySlash Off @@ -7,13 +7,11 @@ DirectoryIndex disabled AddDefaultCharset UTF-8 AddCharset UTF-8 .css RewriteEngine on -RewriteRule ^[^/.]*$ /wfpl_main.php [L] -# Close loophole in security restriction/exception below -RewriteRule ^.*/.*wfpl_main.php$ /wfpl_main.php [L] +RewriteRule ^[^/.]*$ /wfpl_main.php [L] - ExpiresActive On - ExpiresDefault A31536000 + ExpiresActive On + ExpiresDefault A31536000 # SECURITY: don't execute code on the server (exception below) @@ -23,11 +21,21 @@ SetHandler default-handler Options SymlinksIfOwnerMatch php_flag engine off RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo -# Exception: allow access to wfpl_main.php -# -# this allows access to any files named "wfpl_main.php" anywhere, so there's a -# rewrite rule above to use the top-level one, no matter which was requested. +# code execution exception: allow only /wfpl_main.php +# matches regardless of directory/path, so rewrite php in subdirs +RewriteRule ^(wfpl_main\.php|paypal_ipn\.php|cms_images_autoresize\.php)$ - [L] +RewriteRule .*\.php$ - [L,R=404] - php_flag engine on - SetHandler application/x-httpd-php + php_flag engine on + SetHandler application/x-httpd-php + + php_flag engine on + SetHandler application/x-httpd-php + + + php_flag engine on + SetHandler application/x-httpd-php + +RewriteCond %{REQUEST_FILENAME} !-f +RewriteRule ^cms_images/[0-9a-f]+w[0-9]+\.[pj][np]g$ /cms_images_autoresize.php
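Review bot: The tenfold increase in `post_max_size` and `upload_max_filesize` in the first hunk is set at the top level of the file, so it applies to every PHP entry point this .htaccess enables, not only to whichever handler receives uploads. Nothing in the hunk says which feature needs 200M files, so I would record that next to the values, e.g. `# raised for <feature>; applies to every PHP entry point enabled below`. It is also worth checking that any server-level body limit (`LimitRequestBody`) and the available disk space are sized for requests this large, since the limit is reached before application code can reject the request.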
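Review bot: In the third hunk the execution exception and its guard match on different things. The three handler sections apparently key on the file name in any directory (their container tags are missing from this rendering, but the removed comment says so), while `RewriteRule .*\.php$ - [L,R=404]` keys on the request path ending in `.php`. A same-named file in a subdirectory is therefore blocked only while this file's rewrite rules apply there and the URL has exactly that shape; if the entry points do not depend on trailing path info, `AcceptPathInfo Off` would narrow the gap. The new comment is also inaccurate, since three scripts are allowed and other `.php` requests get a 404 rather than a rewrite; I would write `# code execution exception: only the three top-level entry points below; the 404 rule is what stops same-named files in subdirectories from executing`. In the last rule `[pj][np]g` also accepts `.jng` and `.ppg`, so `\.(png|jpg)$` would state the intent, and the unbounded `[0-9]+` width should be range-checked in cms_images_autoresize.php, which is not visible here.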