| DirectoryIndex index.php index.html .ht |
| DirectoryIndex index.php index.html .ht |
| |
| |
| <FilesMatch "^composer|^autoload|^cli-config|^COPYING|\.(ini|lock|dist|git|sh|bak|swp)$"> |
| <FilesMatch "^composer|^autoload|^cli-config|^COPYING|\.(ini|lock|dist|git|sh|bak|swp)$"> |
| order allow,deny |
| order allow,deny |
| deny from all |
| deny from all |
| </FilesMatch> |
| </FilesMatch> |
| |
| |
| <Files ~ "index.php|index_dev.php"> |
| <Files ~ "index.php|index_dev.php"> |
| order deny,allow |
| order deny,allow |
| allow from all |
| allow from all |
| </Files> |
| </Files> |
| |
| |
. | |
| <IfModule mod_headers.c> |
| |
| # クリックジャッキング対策 |
| |
| Header always set X-Frame-Options SAMEORIGIN |
| |
| |
| |
| # XSS対策 |
| |
| Header set X-XSS-Protection "1; mode=block" |
| |
| Header set X-Content-Type-Options nosniff |
| |
| </IfModule> |
| |
| |
| <IfModule mod_rewrite.c> |
| <IfModule mod_rewrite.c> |
| RewriteEngine On |
| RewriteEngine On |
| |
| |
| # Authorization ヘッダが取得できない環境への対応 |
| # Authorization ヘッダが取得できない環境への対応 |
| RewriteCond %{HTTP:Authorization} ^(.*) |
| RewriteCond %{HTTP:Authorization} ^(.*) |
| RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] |
| RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1] |
| |
| |
| # さくらのレンタルサーバでサイトへのアクセスをSSL経由に制限する場合の対応 |
| # さくらのレンタルサーバでサイトへのアクセスをSSL経由に制限する場合の対応 |
| # RewriteCond %{HTTP:x-sakura-forwarded-for} !^$ |
| # RewriteCond %{HTTP:x-sakura-forwarded-for} !^$ |
| # RewriteRule ^(.*) - [E=HTTPS:on] |
| # RewriteRule ^(.*) - [E=HTTPS:on] |
| |
| |
| RewriteCond %{REQUEST_FILENAME} !-f |
| RewriteCond %{REQUEST_FILENAME} !-f |
| RewriteCond %{REQUEST_FILENAME} !^(.*)\.(gif|png|jpe?g|css|ico|js|svg)$ [NC] |
| RewriteCond %{REQUEST_FILENAME} !^(.*)\.(gif|png|jpe?g|css|ico|js|svg)$ [NC] |
| RewriteRule ^(.*)$ index.php [QSA,L] |
| RewriteRule ^(.*)$ index.php [QSA,L] |
| </IfModule> |
| </IfModule> |
| |
| |
| # 管理画面へのBasic認証サンプル |
| # 管理画面へのBasic認証サンプル |
| # |
| # |
| # Satisfy Any |
| # Satisfy Any |
| # |
| # |
| # AuthType Basic |
| # AuthType Basic |
| # AuthName "Please enter username and password" |
| # AuthName "Please enter username and password" |
| # AuthUserFile /path/to/.htpasswd |
| # AuthUserFile /path/to/.htpasswd |
| # AuthGroupFile /dev/null |
| # AuthGroupFile /dev/null |
| # require valid-user |
| # require valid-user |
| # |
| # |
| # SetEnvIf Request_URI "^/admin" admin_path # ^/adminは, 管理画面URLに応じて変更してください |
| # SetEnvIf Request_URI "^/admin" admin_path # ^/adminは, 管理画面URLに応じて変更してください |
| # Order Allow,Deny |
| # Order Allow,Deny |
| # Allow from all |
| # Allow from all |
| # Deny from env=admin_path |
| # Deny from env=admin_path |
| |
| |