X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=.htaccess;h=2bc9f95eaa09245c8f4dbc412442bc26f8fc4f4c;hb=48e244a464574aa732ef5ab3fe759f1e05665b3d;hp=fcb8f6c8fd28e7072bc433c6be5cfe55926703d9;hpb=8d00e7f2ca613449885c5b9613a234c387825907;p=roundcube.git

diff --git a/.htaccess b/.htaccess
index fcb8f6c..2bc9f95 100644
--- a/.htaccess
+++ b/.htaccess
@@ -4,16 +4,19 @@ AddType text/x-component .htc
 <IfModule mod_php5.c>
 php_flag	display_errors	Off
 php_flag	log_errors	On
-php_value	error_log	logs/errors
+# php_value	error_log	logs/errors
 
 php_value	upload_max_filesize	5M
-php_value	post_max_size	6M
-php_value	memory_limit	64M
+php_value	post_max_size		6M
+php_value	memory_limit		64M
 
-php_value	zlib.output_compression	0
-php_value	magic_quotes_gpc	0
-php_value	zend.ze1_compatibility_mode	0
+php_flag	zlib.output_compression		Off
+php_flag	magic_quotes_gpc		Off
+php_flag	magic_quotes_runtime		Off
+php_flag	zend.ze1_compatibility_mode	Off
+php_flag 	suhosin.session.encrypt 	Off
 
+#php_value	session.cookie_path		/
 php_value	session.auto_start	0
 php_value	session.gc_maxlifetime	21600
 php_value	session.gc_divisor	500
@@ -23,15 +26,27 @@ php_value	session.gc_probability	1
 php_value	mbstring.func_overload	0
 </IfModule>
 
-<FilesMatch "(\.inc|\~)$">
-  Order allow,deny
-  Deny from all
-</FilesMatch>
-
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
+# security rules
+RewriteRule .svn/ - [F]
+RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
+</IfModule>
+
+<IfModule mod_deflate.c>
+SetOutputFilter DEFLATE
+</IfModule>
+
+<IfModule mod_headers.c>
+# replace 'append' with 'merge' for Apache version 2.2.9 and later
+#Header append Cache-Control public env=!NO_CACHE
+</IfModule>
+
+<IfModule mod_expires.c>
+ExpiresActive On
+ExpiresDefault "access plus 1 month"
 </IfModule>
- 
-Order deny,allow
-Allow from all
+
+FileETag MTime Size
+Options -Indexes