From 0e78dce54d5fcb69d6919674f1d5b6d090d52291 Mon Sep 17 00:00:00 2001
From: Mathieu Aubin <mathieu@zeroserieux.com>
Date: Tue, 5 Jul 2016 01:06:34 -0400
Subject: [PATCH] Apache Security Fix

Denies access to all dotfiles on Apache webserver.
---
 public/.htaccess | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/public/.htaccess b/public/.htaccess
index 04e08bafe..e2ed529bd 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -13,3 +13,10 @@
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteRule ^ index.php [L]
 </IfModule>
+
+# Restrict access to DotFiles (like .htaccess, .env, .gitignore....)
+# Do not remove if you are running Apache web server.
+<FilesMatch "^\.">
+    Order allow,deny
+    Deny from all
+</FilesMatch>