# Override the handler again if we're run later in the evaluation list. SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003 # If we know how to do it safely, disable the PHP engine entirely. php_flag engine off EOF; } /** * Returns htaccess directives to block all access to a given directory. * * @return string * Apache htaccess directives to block access to a location. */ protected static function denyPublicAccess() { return << Require all denied # Deny all requests from Apache 2.0-2.2. Deny from all EOF; } /** * Writes a web.config file in the given directory, if it doesn't exist. * * @param string $directory * The directory. * @param bool $force * (optional) Set to TRUE to force overwrite an existing file. * * @return bool * TRUE if the file already exists or was created. FALSE otherwise. */ public static function writeWebConfig($directory, $force = FALSE) { return self::writeFile($directory, 'web.config', self::webConfigLines(), $force); } /** * Returns the standard web.config lines for security. * * @return string * The contents of the web.config file. */ public static function webConfigLines() { return << EOT; } /** * Writes the contents to the file in the given directory. * * @param string $directory * The directory to write to. * @param string $filename * The file name. * @param string $contents * The file contents. * @param bool $force * TRUE if we should force the write over an existing file. * * @return bool * TRUE if writing the file was successful. */ protected static function writeFile($directory, $filename, $contents, $force) { $file_path = $directory . DIRECTORY_SEPARATOR . $filename; // Don't overwrite if the file exists unless forced. if (file_exists($file_path) && !$force) { return TRUE; } // Try to write the file. This can fail if concurrent requests are both // trying to write a the same time. if (@file_put_contents($file_path, $contents)) { return @chmod($file_path, 0444); } return FALSE; } }