Google Search
I have checked couple such gsearch results.
There's one thing that worries me. Most of those dozen websites I've checked had enabled directory listing.
Although one cannot traverse and check what's inside other protected directories within /bl-content/, can see the dir tree and all other images in uploads.
i'd suggest at least adding inside default .htaccess option to disable directory listing with
Code: Select all
Options -Indexes
- Edi
- Site Admin
- Posts: 3121
- Joined: Sun Aug 09, 2015 5:01 pm
- Location: Zurich
- Has thanked: 54 times
- Been thanked: 77 times
- Contact:
I think this is a good solution.Jay wrote: ↑Sun Apr 05, 2020 10:02 pm i'd suggest at least adding inside default .htaccess option to disable directory listing withCode: Select all
Options -Indexes
Clickwork - Websites mit Bludit | Planet Bludit - Tipps und Snippets
After inserting the code, he writes this:
ERR_TOO_MANY_REDIRECTS
The provider told me that this code should be rewritten:
What will you advise me about?
ERR_TOO_MANY_REDIRECTS
The provider told me that this code should be rewritten:
Code: Select all
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php [PT,L]
Clearing browser's cache, and cookies for your websites or creating new browser profile and trying out; commenting out second line forcing all requests to directories being processed by index.php file (might cause other problems); fixing http to https redirects; who knows except you how you have configured bludit instance on webshosting's provider platform nobody knows nothing about.
This is my htaccess file:
Code: Select all
AddDefaultCharset UTF-8
Options -Indexes
<IfModule mod_rewrite.c>
# Enable rewrite rules
RewriteEngine on
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\.mysite\.com [NC]
RewriteRule (.*) https://mysite.com/$1 [L,R=301]
# Base directory
RewriteBase /
# Deny direct access to the next directories
RewriteRule ^bl-content/(databases|workspaces|pages|tmp)/.*$ - [R=404,L]
# All URL process by index.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*) index.php [PT,L]
</IfModule>
You are the owner of mysite.com? (´・ᴗ・ ` )
Or you just copypasted one of example mod rewrite rules redirecting connections from http to https without even changing domain name? ( ͡º ͜ʖ͡º)
Check new rules on default cms' .htaccess file, not just copy paste them in random places.
It matters where you put them, and how you end processing of every earlier or later rule. As neither rule you posted, or the rule I've described causes redirection loop.
Or you just copypasted one of example mod rewrite rules redirecting connections from http to https without even changing domain name? ( ͡º ͜ʖ͡º)
Check new rules on default cms' .htaccess file, not just copy paste them in random places.
It matters where you put them, and how you end processing of every earlier or later rule. As neither rule you posted, or the rule I've described causes redirection loop.