Chris@0: # Deny all requests from Apache 2.4+. Chris@0: Chris@0: Require all denied Chris@0: Chris@0: Chris@0: # Deny all requests from Apache 2.0-2.2. Chris@0: Chris@0: Deny from all Chris@0: Chris@0: # Turn off all options we don't need. Chris@0: Options -Indexes -ExecCGI -Includes -MultiViews Chris@0: Chris@0: # Set the catch-all handler to prevent scripts from being executed. Chris@0: SetHandler Drupal_Security_Do_Not_Remove_See_SA_2006_006 Chris@0: Chris@0: # Override the handler again if we're run later in the evaluation list. Chris@0: SetHandler Drupal_Security_Do_Not_Remove_See_SA_2013_003 Chris@0: Chris@0: Chris@0: # If we know how to do it safely, disable the PHP engine entirely. Chris@0: Chris@0: php_flag engine off Chris@0: