Fail2Ban-Report/.htaccess

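# ----------------------------------------------------
# BASIC PROTECTION
# ----------------------------------------------------
# The access rules below use "Require", i.e. Apache 2.4 (mod_authz_core) syntax.
# NOTE(review): everything in this file depends on the server's AllowOverride
# setting. With "AllowOverride None" the file is ignored and none of these
# protections apply, so verify from outside that a blocked URL really
# answers 403.

# Disable directory listing, so a directory without an index file does not
# reveal its contents.
Options -Indexes

# Block direct access to sensitive file types (data, scripts, config, logs,
# backups). The (?i) prefix makes the match case-insensitive: the former
# pattern denied ".OLD" but served ".old", ".BAK", ".JSON" and so on.
<FilesMatch "(?i)\.(json|sh|ini|log|bak|old)$">
    Require all denied
</FilesMatch>

# Protect the .htaccess file itself
<Files .htaccess>
    Require all denied
</Files>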
# Protect the .json files in archive/
# Protect .php files in includes
# Both rules answer 403 Forbidden ([F]) for any matching request. In .htaccess
# context the pattern is matched against the path relative to this directory,
# and ".*" also covers nested subdirectories.
# NOTE(review): the <IfModule> guard makes this protection fail open. If
# mod_rewrite is not loaded, the section is skipped without any error and
# includes/*.php becomes directly reachable (archive/*.json is still denied
# by the FilesMatch rule above). Consider an additional .htaccess inside
# includes/ that contains "Require all denied", which does not depend on
# mod_rewrite.
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^archive/.*\.json$ - [F,L]
RewriteRule ^includes/.*\.php$ - [F,L]
</IfModule>
# ----------------------------------------------------
# BASIC HTTP SECURITY HEADERS
# ----------------------------------------------------
# "always" adds the header to error responses as well as to successful ones.
# If mod_headers is not loaded, this whole section is skipped silently.
<IfModule mod_headers.c>
# Tell the browser to honour the declared Content-Type instead of sniffing it.
Header always set X-Content-Type-Options "nosniff"
# Allow framing only by pages of the same origin (clickjacking defence).
Header always set X-Frame-Options "SAMEORIGIN"
# NOTE(review): legacy header. Current browsers no longer ship the XSS filter
# it controls, so it adds no protection there; a Content-Security-Policy is
# the effective control.
Header always set X-XSS-Protection "1; mode=block"
# HSTS, sent only when the HTTPS environment variable is set (env=HTTPS).
# max-age is one year, and includeSubDomains applies the policy to the whole
# host and every subdomain, not only to this directory: confirm all of them
# serve HTTPS before enabling it.
# NOTE(review): behind a TLS-terminating proxy the HTTPS variable may not be
# set and the header would then never be sent. Verify in your setup.
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" env=HTTPS
</IfModule>
# ----------------------------------------------------
# Set UTF-8 as default charset
# ----------------------------------------------------
# Adds "charset=utf-8" to text/html and text/plain responses that do not
# declare a charset themselves, so the browser does not have to guess the
# encoding.
AddDefaultCharset utf-8
# ----------------------------------------------------
# Add your own rules below to fit your needs
# Examples of additional configuration
# ----------------------------------------------------
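# Enable Basic Authentication (uncomment and configure if needed)
# Basic auth sends the credentials base64-encoded, not encrypted: use it only
# over HTTPS, and keep the .htpasswd file outside the web root.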
# AuthType Basic
# AuthName "Restricted Area"
# AuthUserFile /path/to/.htpasswd
# Require valid-user
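# Restrict access by IP address (adjust IP ranges accordingly)
# If this is enabled together with "Require valid-user" above, Apache 2.4
# treats the sibling Require directives as alternatives (either one grants
# access). Wrap both in <RequireAll> to demand a login AND an allowed IP.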
# <RequireAny>
# Require ip 192.168.1.0/24
# Require ip 203.0.113.5
# </RequireAny>
# Block access to backup files (optional)
# <FilesMatch "\.(bak|old|backup)$">
# Require all denied
# </FilesMatch>
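# Add your own security headers or overrides below
# The two examples are permissive starting points: 'unsafe-inline' in
# script-src allows inline scripts and so removes most of the XSS protection
# a CSP gives (prefer nonces or hashes where the application allows it), and
# "no-referrer-when-downgrade" still sends the full URL to other HTTPS sites
# ("strict-origin-when-cross-origin" or "same-origin" are stricter).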
# Header always set Referrer-Policy "no-referrer-when-downgrade"
# Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline';"