| 123456789101112131415 |
- # Admin area – only PHP files are served; all others are blocked.
- # Authentication is handled by admin/auth.php (PHP session), NOT HTTP Basic Auth,
- # so no AuthType directive is needed here.
- Options -Indexes
- # Deny access to everything by default, then selectively allow PHP files
- <FilesMatch "\.php$">
- Require all granted
- </FilesMatch>
- # Deny everything that is NOT a .php file
- <FilesMatch "^(?!.*\.php$)">
- Require all denied
- </FilesMatch>
|
