drupal/.htaccess

#
# Apache/PHP/site settings:
#

# Protect files and directories from prying eyes:
<Files ~ "(\.(conf|inc|module|pl|sh|sql|theme)|Entries|Repositories|Root|scripts|updates)$">
  order deny,allow
  deny from all
</Files>

# Deny directory listings:
Options -Indexes

# Customized server error messages:
ErrorDocument 400 /error.php
ErrorDocument 402 /error.php
ErrorDocument 403 /error.php
ErrorDocument 404 /error.php
ErrorDocument 500 /error.php

# Overload PHP variables:
<IfModule mod_php4.c>
   php_value register_globals        1
   php_value track_vars              1
   php_value short_open_tag          1
   php_value magic_quotes_gpc        0
   php_value magic_quotes_runtime    0
   php_value magic_quotes_sybase     0
   php_value arg_separator.output    "&amp;"  
   php_value session.cache_expire    200000
   php_value session.cookie_lifetime 2000000
   php_value session.auto_start      0
   php_value session.save_handler    user 
   php_value session.cache_limiter   none
   php_value allow_call_time_pass_reference  Off
</IfModule>

# Various rewrite rules
<IfModule mod_rewrite.c>
  RewriteEngine on
  # Rewrite old-style URLS of the form 'node.php?id=x':
  RewriteCond %{QUERY_STRING} ^id=([^&]+)$
  RewriteRule node.php index.php?q=node/view/%1
  # Rewrite old-style URLs of the form 'module.php?mod=x':
  RewriteCond %{QUERY_STRING} ^mod=([^&]+)$
  RewriteRule module.php index.php?q=%1
  # Rewrite URLs of the form 'index.php?q=x':
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)$ index.php?q=$1 [L,QSA] 
</IfModule>

# $Id$
* Added the foundations to create customized error pages. http://beta.drop.org/foobar.php (The customized error pages need to be beautified.) 2000-05-28 09:23:56 +00:00			`#`
* Added extra PHP variables to .htaccess as discussed earlier this week. 2000-06-22 09:14:16 +00:00			`# Apache/PHP/site settings:`
* Added the foundations to create customized error pages. http://beta.drop.org/foobar.php (The customized error pages need to be beautified.) 2000-05-28 09:23:56 +00:00			`#`

- a better .htaccess 2000-12-16 09:27:52 +00:00			`# Protect files and directories from prying eyes:`
- cleaned up .htaccess. Removed some php settings and made the deny filters more specific. 2001-11-24 13:18:58 +00:00			`<Files ~ "(\.(conf\|inc\|module\|pl\|sh\|sql\|theme)\|Entries\|Repositories\|Root\|scripts\|updates)$">`
Again, a large batch of updates - I'm twisting things around here: 1. improved .htaccess to be more "secure": to keep prying eyes out 2. rewrote the administration section from scratch using a modular approach 3. improved the information gathered by error.php - we can now (hopefully) track what bots are crawling us. 4. fixed a bug in submit.php, fixed a bug in theme zaphod, fixed a bug in theme marvin. 5. rewrote cron from scratch - it now interfaces with modules as it should have been from the beginning. Very cool if you ask me - it can use UNIX/Linux crontabs. 6. updated widget.inc to be module aware - needs more work though - maybe this afternoon? 7. updated most modules: small bugfixes, improvements, and even the documentation 8. removed diary.php and made it a module - you can now run a drop.org site without a diary system if someone would prefer so 9. updated all themes to use the new modules where appropriate 10. added a robots.txt because the error message in the watchdog become annoying. 11. added the new configuration system (mutliple vhosts on the same source tree) - use hostname.conf instead of config.inc 12. removed calendar.inc and made it a module 13. added format_interval() to functions.inc (UnConeD) 14. whatever I forgot ... 2000-12-16 08:39:01 +00:00			`order deny,allow`
			`deny from all`
			`</Files>`

- cleaned up .htaccess. Removed some php settings and made the deny filters more specific. 2001-11-24 13:18:58 +00:00			`# Deny directory listings:`
			`Options -Indexes`

* Added the foundations to create customized error pages. http://beta.drop.org/foobar.php (The customized error pages need to be beautified.) 2000-05-28 09:23:56 +00:00			`# Customized server error messages:`
			`ErrorDocument 400 /error.php`
			`ErrorDocument 402 /error.php`
			`ErrorDocument 403 /error.php`
			`ErrorDocument 404 /error.php`
			`ErrorDocument 500 /error.php`
Changing the httpd conf so the sessions are stored longer and use DROPID as the cookie name :) 2000-06-03 09:20:45 +00:00
* Added extra PHP variables to .htaccess as discussed earlier this week. 2000-06-22 09:14:16 +00:00			`# Overload PHP variables:`
			`<IfModule mod_php4.c>`
- setting magic_quotes_gpc to 0 (off). IF it causes any problems please report. 2002-09-27 16:50:42 +00:00			`php_value register_globals 1`
I just commit everything what was queued in my backlog: - Added a basic implementation of comment moderation - Updated and renamed my 2 themes: I removed redundant boxes and tried to work towards simplicity. - Disabled the other themes as they are broken (I gave you sufficent time to update them). - Removed redundant files. - Added security checks with regard to the usage of HTML tags. 2000-09-26 07:34:33 +00:00			`php_value track_vars 1`
- Added "short_open_tag 1" to the PHP settings. 2002-12-07 21:21:35 +00:00			`php_value short_open_tag 1`
- setting magic_quotes_gpc to 0 (off). IF it causes any problems please report. 2002-09-27 16:50:42 +00:00			`php_value magic_quotes_gpc 0`
I just commit everything what was queued in my backlog: - Added a basic implementation of comment moderation - Updated and renamed my 2 themes: I removed redundant boxes and tried to work towards simplicity. - Disabled the other themes as they are broken (I gave you sufficent time to update them). - Removed redundant files. - Added security checks with regard to the usage of HTML tags. 2000-09-26 07:34:33 +00:00			`php_value magic_quotes_runtime 0`
			`php_value magic_quotes_sybase 0`
- Fixed blog.module to accept blog/name URLs as well as blog/id - Changed the RewriteRule in .htaccess. - Fixed form_select() matching incorrectly. - Added missing $Id$ to menu.inc 2003-02-12 21:37:55 +00:00			`php_value arg_separator.output "&"`
- tweaked some of the php settings. 2001-12-09 14:23:06 +00:00			`php_value session.cache_expire 200000`
			`php_value session.cookie_lifetime 2000000`
- here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4 - tidied up some of the code and mainly working on the documentation 2000-12-30 11:58:14 +00:00			`php_value session.auto_start 0`
- set session.save_handler to user. required to use session_set_save_handler() in user.module. 2001-09-18 20:36:28 +00:00			`php_value session.save_handler user`
- Made sure session.cache_limiter is set to "none" as suggested by Moshe and Ax. 2002-12-08 08:19:29 +00:00			`php_value session.cache_limiter none`
- applying patches from Axel Kollmorgen. See http://list.drupal.org/drupal-devel/2002-February/thread.html#6678 http://list.drupal.org/drupal-devel/2002-February/thread.html#6629 - removed references to $this->user() from themes. - removed $BaseTheme->user(). It was deprecated a while back. NOTE: this update will break custom themes, so make sure you update your themes before updating! 2002-02-17 13:04:50 +00:00			`php_value allow_call_time_pass_reference Off`
* Added extra PHP variables to .htaccess as discussed earlier this week. 2000-06-22 09:14:16 +00:00			`</IfModule>`
- Adding the rewrite rule for blog until a better system can be implemented. 2001-07-14 14:28:32 +00:00
			`# Various rewrite rules`
			`<IfModule mod_rewrite.c>`
			`RewriteEngine on`
- The .htaccess file will now correct the majority of the external referers that still use the old URL scheme! Thanks Ax and Gerhard for providing a better upgrade path. 2003-03-09 17:04:14 +00:00			`# Rewrite old-style URLS of the form 'node.php?id=x':`
			`RewriteCond %{QUERY_STRING} ^id=([^&]+)$`
			`RewriteRule node.php index.php?q=node/view/%1`
			`# Rewrite old-style URLs of the form 'module.php?mod=x':`
			`RewriteCond %{QUERY_STRING} ^mod=([^&]+)$`
			`RewriteRule module.php index.php?q=%1`
			`# Rewrite URLs of the form 'index.php?q=x':`
- Clean URLs. 2003-02-14 19:52:45 +00:00			`RewriteCond %{REQUEST_FILENAME} !-f`
			`RewriteCond %{REQUEST_FILENAME} !-d`
- Bugfix: made the pager work when clean URLs are enabled. Patch by Ax. 2003-02-20 08:02:57 +00:00			`RewriteRule ^(.*)$ index.php?q=$1 [L,QSA]`
- cleaned up .htaccess. Removed some php settings and made the deny filters more specific. 2001-11-24 13:18:58 +00:00			`</IfModule>`

			`# $Id$`