diff --git a/.htaccess b/.htaccess index 6f9123d14b1..b1ee36bf4c3 100644 --- a/.htaccess +++ b/.htaccess @@ -116,13 +116,13 @@ AddEncoding gzip svgz # RewriteBase / # Redirect common PHP files to their new locations. - RewriteCond %{REQUEST_URI} ^(.*)?/(install.php) [OR] - RewriteCond %{REQUEST_URI} ^(.*)?/(rebuild.php) + RewriteCond %{REQUEST_URI} ^(.*)?/(install\.php) [OR] + RewriteCond %{REQUEST_URI} ^(.*)?/(rebuild\.php) RewriteCond %{REQUEST_URI} !core RewriteRule ^ %1/core/%2 [L,QSA,R=301] # Rewrite install.php during installation to see if mod_rewrite is working - RewriteRule ^core/install.php core/install.php?rewrite=ok [QSA,L] + RewriteRule ^core/install\.php core/install.php?rewrite=ok [QSA,L] # Pass all requests not referring directly to files in the filesystem to # index.php. @@ -138,11 +138,11 @@ AddEncoding gzip svgz # Allow access to PHP files in /core (like authorize.php or install.php): RewriteCond %{REQUEST_URI} !/core/[^/]*\.php$ # Allow access to test-specific PHP files: - RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?.php + RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?\.php # Allow access to Statistics module's custom front controller. # Copy and adapt this rule to directly execute PHP files in contributed or # custom modules or to run another PHP application in the same directory. - RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics.php$ + RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics\.php$ # Deny access to any other PHP files that do not match the rules above. # Specifically, disallow autoload.php from being served directly. RewriteRule "^(.+/.*|autoload)\.php($|/)" - [F] diff --git a/core/assets/scaffold/files/htaccess b/core/assets/scaffold/files/htaccess index 6f9123d14b1..b1ee36bf4c3 100644 --- a/core/assets/scaffold/files/htaccess +++ b/core/assets/scaffold/files/htaccess @@ -116,13 +116,13 @@ AddEncoding gzip svgz # RewriteBase / # Redirect common PHP files to their new locations. - RewriteCond %{REQUEST_URI} ^(.*)?/(install.php) [OR] - RewriteCond %{REQUEST_URI} ^(.*)?/(rebuild.php) + RewriteCond %{REQUEST_URI} ^(.*)?/(install\.php) [OR] + RewriteCond %{REQUEST_URI} ^(.*)?/(rebuild\.php) RewriteCond %{REQUEST_URI} !core RewriteRule ^ %1/core/%2 [L,QSA,R=301] # Rewrite install.php during installation to see if mod_rewrite is working - RewriteRule ^core/install.php core/install.php?rewrite=ok [QSA,L] + RewriteRule ^core/install\.php core/install.php?rewrite=ok [QSA,L] # Pass all requests not referring directly to files in the filesystem to # index.php. @@ -138,11 +138,11 @@ AddEncoding gzip svgz # Allow access to PHP files in /core (like authorize.php or install.php): RewriteCond %{REQUEST_URI} !/core/[^/]*\.php$ # Allow access to test-specific PHP files: - RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?.php + RewriteCond %{REQUEST_URI} !/core/modules/system/tests/https?\.php # Allow access to Statistics module's custom front controller. # Copy and adapt this rule to directly execute PHP files in contributed or # custom modules or to run another PHP application in the same directory. - RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics.php$ + RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics\.php$ # Deny access to any other PHP files that do not match the rules above. # Specifically, disallow autoload.php from being served directly. RewriteRule "^(.+/.*|autoload)\.php($|/)" - [F]