From b52ac5eb58ccea29dd906efd0e7cef3e7dfe43f4 Mon Sep 17 00:00:00 2001
From: Nathaniel Catchpole <catch@35733.no-reply.drupal.org>
Date: Thu, 9 Feb 2017 19:56:05 +0000
Subject: [PATCH] Issue #2408321 by mfb, sanduhrs, D34dMan, C_Logemann,
 xumepadismal, John Morahan, serg2, walterebert, David Grudl: Support RFC 5785
 by whitelisting the .well-known directory

---
 .htaccess | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.htaccess b/.htaccess
index 4716fa12c8c..83cb71a042b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -93,7 +93,7 @@ AddEncoding gzip svgz
   # If you do not have mod_rewrite installed, you should remove these
   # directories from your webroot or otherwise protect them from being
   # downloaded.
-  RewriteRule "(^|/)\.(?!well-known)" - [F]
+  RewriteRule "/\.|^\.(?!well-known/)" - [F]
 
   # If your site can be accessed both with and without the 'www.' prefix, you
   # can use one of the following settings to redirect users to your preferred