X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=.htaccess;h=2bc9f95eaa09245c8f4dbc412442bc26f8fc4f4c;hb=76507f7c63a660742e76889ad6e3919f3dde3bb0;hp=00e1bf2db837dbcbb54bc18c098036ec0dd03027;hpb=e8a0682b96f5b7f297e58d101735ba20a0cc3a89;p=roundcube.git

diff --git a/.htaccess b/.htaccess
index 00e1bf2..2bc9f95 100644
--- a/.htaccess
+++ b/.htaccess
@@ -16,6 +16,7 @@ php_flag	magic_quotes_runtime		Off
 php_flag	zend.ze1_compatibility_mode	Off
 php_flag 	suhosin.session.encrypt 	Off
 
+#php_value	session.cookie_path		/
 php_value	session.auto_start	0
 php_value	session.gc_maxlifetime	21600
 php_value	session.gc_divisor	500
@@ -28,6 +29,9 @@ php_value	mbstring.func_overload	0
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
+# security rules
+RewriteRule .svn/ - [F]
+RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
 </IfModule>
 
 <IfModule mod_deflate.c>
@@ -45,5 +49,4 @@ ExpiresDefault "access plus 1 month"
 </IfModule>
 
 FileETag MTime Size
-
-
+Options -Indexes