From 5b44d452a961cc6ad0c4ae798ae9370a32acc717 Mon Sep 17 00:00:00 2001 From: An Phan Date: Mon, 9 Feb 2015 15:30:34 +0800 Subject: [PATCH] Added an alternative rule to deny access to hidden files --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index cc2d4cc..82940da 100644 --- a/README.md +++ b/README.md @@ -120,6 +120,11 @@ RewriteCond %{SCRIPT_FILENAME} -f RewriteRule "(^|/)\." - [F] ``` +Alternatively, you can just raise a `Not Found` error, giving the attacker dude no clue: +``` apacheconf +RedirectMatch 404 /\..*$ +``` + ### Deny Access to Backup and Source Files These files may be left by some text/html editors (like Vi/Vim) and pose a great security danger, when anyone can access them. ``` apacheconf