I’ve noticed that 2.5.7 includes an .htaccess file. Here are the contents:
Order Deny,Allow Deny from all <FilesMatch "^akismet\.(css|js)$"> Allow from all </FilesMatch>
It would be much better and efficient if you used “Order Allow,Deny”
Because “Order Deny,Allow” is blacklisting and “Order Allow,Deny” is whitelisting, which is basically what you’re trying to do.
Per Apache docs:
“First, all Allow directives are evaluated; at least one must match, or the request is rejected. Next, all Deny directives are evaluated. If any matches, the request is rejected. Last, any requests which do not match an Allow or a Deny directive are denied by default.”
In simple terms, if the request doesn’t match an “Allow” directive it is denied.
So this would be better:
Order Allow,Deny <FilesMatch "^akismet\.(css|gif|js)$"> Allow from all </FilesMatch>
- The topic ‘Better .htaccess’ is closed to new replies.