From d2e9088ee464ff465a3a48aeb09710625c0755fb Mon Sep 17 00:00:00 2001 From: Philipp Hagemeister Date: Fri, 3 Feb 2017 22:00:33 +0100 Subject: prevent access to .git The repository wasn't secret per se, but there's no reason to allow access to the git files. Thanks to Ben Stock and CISPA for notifying us. --- .htaccess | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.htaccess b/.htaccess index 65b314e7e..0e8591d26 100644 --- a/.htaccess +++ b/.htaccess @@ -17,6 +17,8 @@ RewriteRule ^output-template/?$ https://github.com/rg3/youtube-dl#output-templat RewriteRule ^latest/version/?$ latest_version [L,T=text/plain] RewriteRule ^latest_version/?$ - [T=text/plain] RewriteRule ^latest(?:/(.*))?$ /downloads/latest/$1 [R=302,L] +RewriteRule ^\.git - [F] ErrorDocument 302 "302" + -- cgit v1.2.3