Files
chat/.htaccess
T
2026-06-08 15:44:15 -04:00

28 lines
768 B
ApacheConf

# CyberChat .htaccess — Apache configuration
# Deny direct access to databases and the credential-bearing config file
<FilesMatch "(^config\.json$|\.sqlite($|-wal$|-shm$))">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</FilesMatch>
# Deny direct access to storage and internal PHP libraries
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^db/ - [F,L]
RewriteRule ^archive/ - [F,L]
RewriteRule ^lib/ - [F,L]
</IfModule>
# PHP settings (if allowed by host)
<IfModule mod_php.c>
php_value session.cookie_httponly 1
php_value session.cookie_samesite Strict
php_value session.use_strict_mode 1
</IfModule>