public gelöscht

This commit is contained in:
Manfred Pürro 2022-12-31 18:33:48 +01:00
parent 40d699ca5e
commit ff1b3774ee
7 changed files with 0 additions and 242 deletions

View file

@ -1,47 +0,0 @@
### SILVERSTRIPE START ###
# Deny access to templates (but allow from localhost)
<Files *.ss>
Require ip 127.0.0.1
</Files>
# Deny access to IIS configuration
<Files web.config>
Require all denied
</Files>
# Deny access to YAML configuration files which might include sensitive information
<Files ~ "\.ya?ml$">
Require all denied
</Files>
# Route errors to static pages automatically generated by SilverStripe
ErrorDocument 404 /assets/error-404.html
ErrorDocument 500 /assets/error-500.html
<IfModule mod_rewrite.c>
# Turn off index.php handling requests to the homepage fixes issue in apache >=2.4
<IfModule mod_dir.c>
DirectoryIndex disabled
DirectorySlash On
</IfModule>
SetEnv HTTP_MOD_REWRITE On
RewriteEngine On
# Enable HTTP Basic authentication workaround for PHP running in CGI mode
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Deny access to potentially sensitive files and folders
RewriteRule ^vendor(/|$) - [F,L,NC]
RewriteRule ^\.env - [F,L,NC]
RewriteRule silverstripe-cache(/|$) - [F,L,NC]
RewriteRule composer\.(json|lock) - [F,L,NC]
RewriteRule (error|silverstripe|debug)\.log - [F,L,NC]
# Process through SilverStripe if no file with the requested name exists.
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* index.php
</IfModule>
### SILVERSTRIPE END ###

View file

@ -1,4 +0,0 @@
/**/*
!.gitignore
!.htaccess
!web.config

View file

@ -1,35 +0,0 @@
#
# Whitelist appropriate assets files.
# This file is automatically generated via File.allowed_extensions configuration
# See AssetAdapter::renderTemplate() for reference.
#
# We disable PHP via several methods
# Replace the handler with the default plaintext handler
AddHandler default-handler php phtml php3 php4 php5 inc
<IfModule mod_php5.c>
# Turn the PHP engine off
php_flag engine off
</IfModule>
<IfModule mod_rewrite.c>
<IfModule mod_env.c>
SetEnv HTTP_MOD_REWRITE On
</IfModule>
RewriteEngine On
# Allow error pages
RewriteCond %{REQUEST_FILENAME} -f
RewriteRule error[^\\/]*\.html$ - [L]
# Allow specific file extensions
RewriteCond %{REQUEST_URI} !^[^.]*[^\/]*\.(?i:css|js|ace|arc|arj|asf|au|avi|bmp|bz2|cab|cda|csv|dmg|doc|docx|dotx|flv|gif|gpx|gz|hqx|ico|jpeg|jpg|kml|m4a|m4v|mid|midi|mkv|mov|mp3|mp4|mpa|mpeg|mpg|ogg|ogv|pages|pcx|pdf|png|pps|ppt|pptx|potx|ra|ram|rm|rtf|sit|sitx|tar|tgz|tif|tiff|txt|wav|webm|wma|wmv|xls|xlsx|xltx|zip|zipx|graphql|svg)$
RewriteRule .* - [F]
# Non existant files passed to requesthandler
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* ../index.php [QSA]
</IfModule>

View file

@ -1,101 +0,0 @@
<!--
Configuration to whitelist appropriate asset files, for IIS.
Note that you will need to maintain this whitelist yourself if you modify File::$allowed_extensions
If you are not using IIS then you can ignore this file.
If you are using Apache then you should look at assets/.htaccess instead.
To add an extension to to the list, you will need to add another <add> entry inside the <fileExtensions>
tag.
For example, to add *.exe files to the list of downloadable assets, add this line below the
<fileExtensions line>:
<add fileExtension=".exe" allowed="true" />
Once you do this, visitors will be able to download *.exe files that are uploaded to the assets
directory.
-->
<configuration>
<system.webServer>
<security>
<requestFiltering>
<fileExtensions allowUnlisted="false" applyToWebDAV="true">
<add fileExtension=".html" allowed="true" />
<add fileExtension=".htm" allowed="true" />
<add fileExtension=".xhtml" allowed="true" />
<add fileExtension=".js" allowed="true" />
<add fileExtension=".css" allowed="true" />
<add fileExtension=".bmp" allowed="true" />
<add fileExtension=".png" allowed="true" />
<add fileExtension=".gif" allowed="true" />
<add fileExtension=".jpg" allowed="true" />
<add fileExtension=".jpeg" allowed="true" />
<add fileExtension=".ico" allowed="true" />
<add fileExtension=".pcx" allowed="true" />
<add fileExtension=".tif" allowed="true" />
<add fileExtension=".tiff" allowed="true" />
<add fileExtension=".au" allowed="true" />
<add fileExtension=".mid" allowed="true" />
<add fileExtension=".midi" allowed="true" />
<add fileExtension=".mpa" allowed="true" />
<add fileExtension=".mp3" allowed="true" />
<add fileExtension=".ogg" allowed="true" />
<add fileExtension=".m4a" allowed="true" />
<add fileExtension=".ra" allowed="true" />
<add fileExtension=".wma" allowed="true" />
<add fileExtension=".wav" allowed="true" />
<add fileExtension=".cda" allowed="true" />
<add fileExtension=".avi" allowed="true" />
<add fileExtension=".mpg" allowed="true" />
<add fileExtension=".mpeg" allowed="true" />
<add fileExtension=".asf" allowed="true" />
<add fileExtension=".wmv" allowed="true" />
<add fileExtension=".m4v" allowed="true" />
<add fileExtension=".mov" allowed="true" />
<add fileExtension=".mkv" allowed="true" />
<add fileExtension=".mp4" allowed="true" />
<add fileExtension=".ogv" allowed="true" />
<add fileExtension=".webm" allowed="true" />
<add fileExtension=".swf" allowed="true" />
<add fileExtension=".flv" allowed="true" />
<add fileExtension=".ram" allowed="true" />
<add fileExtension=".rm" allowed="true" />
<add fileExtension=".doc" allowed="true" />
<add fileExtension=".docx" allowed="true" />
<add fileExtension=".txt" allowed="true" />
<add fileExtension=".rtf" allowed="true" />
<add fileExtension=".xls" allowed="true" />
<add fileExtension=".xlsx" allowed="true" />
<add fileExtension=".pages" allowed="true" />
<add fileExtension=".ppt" allowed="true" />
<add fileExtension=".pptx" allowed="true" />
<add fileExtension=".pps" allowed="true" />
<add fileExtension=".csv" allowed="true" />
<add fileExtension=".cab" allowed="true" />
<add fileExtension=".arj" allowed="true" />
<add fileExtension=".tar" allowed="true" />
<add fileExtension=".zip" allowed="true" />
<add fileExtension=".zipx" allowed="true" />
<add fileExtension=".sit" allowed="true" />
<add fileExtension=".sitx" allowed="true" />
<add fileExtension=".gz" allowed="true" />
<add fileExtension=".tgz" allowed="true" />
<add fileExtension=".bz2" allowed="true" />
<add fileExtension=".ace" allowed="true" />
<add fileExtension=".arc" allowed="true" />
<add fileExtension=".pkg" allowed="true" />
<add fileExtension=".dmg" allowed="true" />
<add fileExtension=".hqx" allowed="true" />
<add fileExtension=".jar" allowed="true" />
<add fileExtension=".xml" allowed="true" />
<add fileExtension=".pdf" allowed="true" />
<add fileExtension=".gpx" allowed="true" />
<add fileExtension=".kml" allowed="true" />
</fileExtensions>
</requestFiltering>
</security>
</system.webServer>
</configuration>

Binary file not shown.

Before

Width:  |  Height:  |  Size: 1.4 KiB

View file

@ -1,25 +0,0 @@
<?php
use SilverStripe\Control\HTTPApplication;
use SilverStripe\Control\HTTPRequestBuilder;
use SilverStripe\Core\CoreKernel;
// Find autoload.php
if (file_exists(__DIR__ . '/../vendor/autoload.php')) {
require __DIR__ . '/../vendor/autoload.php';
} elseif (file_exists(__DIR__ . '/vendor/autoload.php')) {
require __DIR__ . '/vendor/autoload.php';
} else {
header('HTTP/1.1 500 Internal Server Error');
echo "autoload.php not found";
exit(1);
}
// Build request and detect flush
$request = HTTPRequestBuilder::createFromEnvironment();
// Default application
$kernel = new CoreKernel(BASE_PATH);
$app = new HTTPApplication($kernel);
$response = $app->handle($request);
$response->output();

View file

@ -1,30 +0,0 @@
<!-- Routing configuration for Microsoft IIS web server -->
<configuration>
<system.webServer>
<security>
<requestFiltering>
<hiddenSegments>
<add segment=".env" />
<add segment="silverstripe-cache" />
<add segment="composer.json" />
<add segment="composer.lock" />
</hiddenSegments>
<fileExtensions allowUnlisted="true" >
<add fileExtension=".ss" allowed="false"/>
<add fileExtension=".yml" allowed="false"/>
</fileExtensions>
</requestFiltering>
</security>
<rewrite>
<rules>
<rule name="SilverStripe Clean URLs" stopProcessing="true">
<match url="^(.*)$" />
<conditions>
<add input="{REQUEST_FILENAME}" matchType="IsFile" negate="true" />
</conditions>
<action type="Rewrite" url="index.php" appendQueryString="true" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>