Chris@0: # Deny all requests from Apache 2.4+.
Chris@0:
Chris@0: Require all denied
Chris@0:
Chris@0:
Chris@0: # Deny all requests from Apache 2.0-2.2.
Chris@0:
Chris@0: Deny from all
Chris@0:
Chris@0: # Turn off all options we don't need.
Chris@0: Options -Indexes -ExecCGI -Includes -MultiViews
Chris@0:
Chris@0: # Set the catch-all handler to prevent scripts from being executed.
Chris@0: SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006
Chris@0:
Chris@0: # Override the handler again if we're run later in the evaluation list.
Chris@0: SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003
Chris@0:
Chris@0:
Chris@0: # If we know how to do it safely, disable the PHP engine entirely.
Chris@0:
Chris@0: php_flag engine off
Chris@0: