From d9626e72e7c610c58f2b9f80b444607d5fd3d4c6 Mon Sep 17 00:00:00 2001
From: Old-Fart <mathieu@zeroserieux.com>
Date: Mon, 11 Jul 2016 18:46:49 -0400
Subject: [PATCH] Updates .htaccess files

Adds more security related directives
---
 .htaccess        | 16 +++++++++++++++-
 public/.htaccess | 16 ++++++++++++++--
 2 files changed, 29 insertions(+), 3 deletions(-)

diff --git a/.htaccess b/.htaccess
index bf7ee9cf9..92656d2c3 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,6 +1,20 @@
+# Very simple security for apache webserver - do not remove.
+#
 # Restrict access to DotFiles (like .htaccess, .env, .gitignore....)
-# Do not remove if you are running Apache web server.
 <FilesMatch "^\.">
     Order allow,deny
     Deny from all
 </FilesMatch>
+
+# Restrict access to system files
+<FilesMatch "^(composer.json|composer.lock|artisan|code_of_conduct.md|gulpfile.js|package.json|error_log|phpspec.yml|example.env)">
+    Order allow,deny
+    Deny from all
+</FilesMatch>
+
+# Uncomment to restrict access to release text files
+#<FilesMatch "^(LICENSE|README.md|readme.txt|release-notes.txt)">
+#    Order allow,deny
+#    Deny from all
+#</FilesMatch>
+
diff --git a/public/.htaccess b/public/.htaccess
index e2ed529bd..e678ac5b2 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -4,7 +4,7 @@
     </IfModule>
 
     RewriteEngine On
-    
+
     # Redirect Trailing Slashes...
     RewriteRule ^(.*)/$ /$1 [L,R=301]
 
@@ -15,8 +15,20 @@
 </IfModule>
 
 # Restrict access to DotFiles (like .htaccess, .env, .gitignore....)
-# Do not remove if you are running Apache web server.
 <FilesMatch "^\.">
     Order allow,deny
     Deny from all
 </FilesMatch>
+
+# Restrict access to system files
+<FilesMatch "^(composer.json|composer.lock|artisan|code_of_conduct.md|gulpfile.js|package.json|error_log|phpspec.yml|example.env)">
+    Order allow,deny
+    Deny from all
+</FilesMatch>
+
+# Uncomment to restrict access to release text files
+#<FilesMatch "^(LICENSE|README.md|readme.txt|release-notes.txt)">
+#    Order allow,deny
+#    Deny from all
+#</FilesMatch>
+