X-Git-Url: https://git.donarmstrong.com/?a=blobdiff_plain;f=.htaccess;h=55dad98edcfbb8838af7025037f3c17751525ed2;hb=3d79397e8dcf27fc130a207ed0149bcd2036c584;hp=00e1bf2db837dbcbb54bc18c098036ec0dd03027;hpb=0e566f14d53229e4e8e1edf2cfa707cab802fc33;p=roundcube.git

diff --git a/.htaccess b/.htaccess
index 00e1bf2..55dad98 100644
--- a/.htaccess
+++ b/.htaccess
@@ -16,7 +16,8 @@ php_flag	magic_quotes_runtime		Off
 php_flag	zend.ze1_compatibility_mode	Off
 php_flag 	suhosin.session.encrypt 	Off
 
-php_value	session.auto_start	0
+#php_value	session.cookie_path		/
+php_flag	session.auto_start	Off
 php_value	session.gc_maxlifetime	21600
 php_value	session.gc_divisor	500
 php_value	session.gc_probability	1
@@ -28,6 +29,9 @@ php_value	mbstring.func_overload	0
 <IfModule mod_rewrite.c>
 RewriteEngine On
 RewriteRule ^favicon.ico$ skins/default/images/favicon.ico
+# security rules
+RewriteRule .svn/ - [F]
+RewriteRule ^README|INSTALL|LICENSE|SQL|bin|CHANGELOG$ - [F]
 </IfModule>
 
 <IfModule mod_deflate.c>
@@ -46,4 +50,6 @@ ExpiresDefault "access plus 1 month"
 
 FileETag MTime Size
 
-
+<IfModule mod_autoindex.c>
+Options -Indexes
+</ifModule>