Fail2Ban-Report/Web-UI/.htaccess
2025-08-16 20:17:38 +02:00


# ----------------------------------------------------
# Fail2Ban-Report Docker
# ----------------------------------------------------
# Baseline hardening rules for the Web-UI directory.
# Do not modify up here !
# NOTE(review): every rule in this file only applies if the server
# configuration permits .htaccess overrides for this directory
# (AllowOverride). With "AllowOverride None" Apache ignores the file
# silently and none of the protections below exist - verify this in the
# container's Apache configuration.
# ----------------------------------------------------
# Disable directory listing
# (no automatically generated file list for directories without an index file)
# ----------------------------------------------------
Options -Indexes
# ----------------------------------------------------
# Block direct access to sensitive file types
# Denies every request for a file whose name ends in .sh, .ini, .log or
# .json. The match is case-sensitive and covers only these four extensions.
# ----------------------------------------------------
<FilesMatch "\.(sh|ini|log|json)$">
Require all denied
</FilesMatch>
# ----------------------------------------------------
# Protect the .htaccess file itself
# ----------------------------------------------------
<Files .htaccess>
Require all denied
</Files>
# ----------------------------------------------------
# Protect archive/
# Any request path that starts with "archive/" (relative to this directory)
# is answered with 403 Forbidden ([F]); [L] stops further rewrite processing.
# NOTE(review): the rule is only defined when mod_rewrite is loaded. The
# unconditional "RewriteEngine On" further down presumably makes Apache
# reject the whole file when mod_rewrite is missing, so archive/ should not
# end up served unprotected - confirm on the target image.
# ----------------------------------------------------
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^archive/ - [F,L]
</IfModule>
# ----------------------------------------------------
# Set UTF-8 as default charset and RewriteEngine on
# (RewriteEngine is switched on here a second time, outside the IfModule
# guard, so that rewrite rules added in the user section below are active)
# ----------------------------------------------------
AddDefaultCharset utf-8
RewriteEngine On
##########################################################
##########################################################
##########################################################
# ----------------------------------------------------
# Set your own rules to fit your needs down here
# Examples for additional configuration
# ----------------------------------------------------
# This is mandatory for a safe setup!
# Never expose this to the internet without HTTPS and access restrictions (auth / IP)
# ----------------------------------------------------
# BASIC HTTPS HEADERS
# ----------------------------------------------------
# Redirect to HTTPS (also works behind reverse proxies using X-Forwarded-Proto)
# If HTTPS is not on AND X-Forwarded-Proto is not https, redirect to the https URL
# NOTE: X-Forwarded-Proto is a request header. Rely on it only when a reverse
# proxy in front of Apache always sets or overwrites it; on a directly
# reachable server leave the X-Forwarded-Proto lines commented out and test
# %{HTTPS} only. %{HTTP_HOST} is also taken from the request; a fixed host
# name in the redirect target is the stricter choice.
#RewriteCond %{HTTPS} !=on
#RewriteCond %{HTTP:X-Forwarded-Proto} !https
#RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Set environment variable HTTPS=1 if X-Forwarded-Proto is https (for header conditions)
#SetEnvIf X-Forwarded-Proto https HTTPS=1
# Security headers. Only the Strict-Transport-Security line is conditional
# on HTTPS (env=HTTPS); the other headers are sent on every response once
# uncommented. Inside this IfModule the headers are silently skipped when
# mod_headers is not loaded.
<IfModule mod_headers.c>
# Header always set X-Content-Type-Options "nosniff"
# Header always set X-Frame-Options "SAMEORIGIN"
# X-XSS-Protection is a legacy header that current browsers ignore; the
# Content-Security-Policy at the end of this file is the effective control.
# Header always set X-XSS-Protection "1; mode=block"
# includeSubDomains extends HSTS to every subdomain of this host for one
# year; enable it only if all of them are served over HTTPS.
# Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
</IfModule>
# ----------------------------------------------------
# Set Basic Auth
# ----------------------------------------------------
# Enable Basic Authentication (uncomment and configure if needed)
# Basic Auth sends the password with every request, only base64-encoded:
# enable it together with HTTPS. Keep the password file outside the
# document root.
#AuthType Basic
#AuthName "Restricted Area"
#AuthUserFile /var/www/.htpasswd
#Require valid-user
# Restrict access by IP address (adjust IP ranges accordingly)
# <RequireAll> grants access only if every line inside matches
# (valid login AND allowed address). <RequireAny> grants access if any line
# matches (valid login OR allowed address). For IP-only access remove
# "Require valid-user" from the block.
# When you use this block, leave the standalone "Require valid-user" line
# above commented out: Require lines outside a container are combined as
# "any", so the login alone would be enough and the IP rule would not apply.
# List all allowed addresses on ONE "Require ip" line, separated by spaces;
# separate "Require ip" lines inside <RequireAll> must all match the client.
# Apache does not accept a comment at the end of a directive line.
# Example values: 192.168.1.1 = single IP (recommended), 192.168.1.0/24 = network range
# <RequireAll>
# Require valid-user
# Require ip 192.168.1.1 192.168.1.0/24
# </RequireAll>
# Block access to backup files (optional)
# <FilesMatch "\.(bak|old|backup)$">
# Require all denied
# </FilesMatch>
# Add your own security headers or overrides below
# (these Header lines are outside the IfModule guard and need mod_headers)
# "no-referrer-when-downgrade" still sends the full URL to other HTTPS
# sites; "same-origin" or "strict-origin-when-cross-origin" are stricter.
# Header always set Referrer-Policy "no-referrer-when-downgrade"
# 'unsafe-inline' in script-src permits inline scripts and removes most of
# the XSS protection a CSP gives; drop it if the UI works without it.
# Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline';"