芝麻web文件管理V1.00
编辑当前文件:/home2/sdektunc/testcors.sdektun.com/htaccess.txt
## # @package Joomla # @copyright (C) 2005 Open Source Matters, Inc.
# @license GNU General Public License version 2 or later; see LICENSE.txt ## ## # READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE! # # The line 'Options +FollowSymLinks' may cause problems with some server configurations. # It is required for the use of Apache mod_rewrite, but it may have already been set by # your server administrator in a way that disallows changing it in this .htaccess file. # If using it causes your site to produce an error, comment it out (add # to the # beginning of the line), reload your site in your browser and test your sef urls. If # they work, then it has been set by your server administrator and you do not need to # set it here. ## ## Can be commented out if causes errors, see notes above. Options +FollowSymlinks Options -Indexes ## No directory listings
IndexIgnore *
## Suppress mime type detection in browsers for unknown types
Header always set X-Content-Type-Options "nosniff" ## # Disable Federated Learning of Cohorts (FLoC) # If you uncomment the below directive you have to allow this technology in the # Global Configuration of Joomla. Read more about this in the Post-Installation # message in the backend. ## # Header always set Permissions-Policy "interest-cohort=()"
## Protect against certain cross-origin requests. More information can be found here: ## https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP) ## https://web.dev/why-coop-coep/ #
# Header always set Cross-Origin-Resource-Policy "same-origin" # Header always set Cross-Origin-Embedder-Policy "require-corp" #
## Disable inline JavaScript when directly opening SVG files or embedding them with the object-tag
Header always set Content-Security-Policy "script-src 'none'"
## These directives are only enabled if the Apache mod_rewrite module is enabled
RewriteEngine On ## Begin - Rewrite rules to block out some common exploits. # If you experience problems on your site then comment out the operations listed # below by adding a # to the beginning of the line. # This attempts to block the most common type of exploit `attempts` on Joomla! # # Block any script trying to base64_encode data within the URL. RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR] # Block any script that includes a