diff --git a/.ddev/.gitignore b/.ddev/.gitignore index 2824c39..e491350 100644 --- a/.ddev/.gitignore +++ b/.ddev/.gitignore @@ -9,7 +9,9 @@ /.*downloads /.global_commands /.homeadditions +/.importdb* /.sshimageBuild +/.venv /.webimageBuild /.webimageExtra /apache/apache-site.conf @@ -18,13 +20,19 @@ /commands/host/launch /commands/web/xdebug /commands/web/live -/config.*.y*ml +/config.local.y*ml /db_snapshots /import-db /import.yaml -/mutagen +/mutagen/mutagen.yml +/mutagen/.start-synced /nginx_full/nginx-site.conf /postgres/postgresql.conf +/providers/platform.yaml /sequelpro.spf -/xhprof +/settings/settings.ddev.py +/traefik/config/geo.yaml +/traefik/certs/geo.crt +/traefik/certs/geo.key +/xhprof/xhprof_prepend.php /**/README.* diff --git a/.ddev/commands/db/mysql b/.ddev/commands/db/mysql deleted file mode 100755 index 23a06db..0000000 --- a/.ddev/commands/db/mysql +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash - -## #ddev-generated -## Description: run mysql client in db container -## Usage: mysql [flags] [args] -## Example: "ddev mysql" or "ddev mysql -uroot -proot" or "echo 'SHOW TABLES;' | ddev mysql" -## `ddev mysql --database=mysql -uroot -proot` gets you to the 'mysql' database with root privileges - -mysql -udb -pdb $@ diff --git a/web/.ht.router.php b/web/.ht.router.php index 054f711..2c8a6f6 100644 --- a/web/.ht.router.php +++ b/web/.ht.router.php @@ -24,6 +24,12 @@ * @see http://php.net/manual/en/features.commandline.webserver.php */ +if (PHP_SAPI !== 'cli-server') { + // Bail out if this is not PHP's Development Server. + header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden'); + exit; +} + $url = parse_url($_SERVER['REQUEST_URI']); if (file_exists(__DIR__ . $url['path'])) { // Serve the requested resource as-is. diff --git a/web/.htaccess b/web/.htaccess index b1ee36b..1575c51 100644 --- a/web/.htaccess +++ b/web/.htaccess @@ -3,7 +3,7 @@ # # Protect files and directories from prying eyes. - + Require all denied @@ -32,12 +32,17 @@ AddEncoding gzip svgz php_value assert.active 0 +# PHP 8, Apache 1 and 2. + + php_value assert.active 0 + + # Requires mod_expires to be enabled. # Enable expirations. ExpiresActive On - # Cache all files for 2 weeks after access (A). + # Cache all files and redirects for 2 weeks after access (A). ExpiresDefault A1209600 @@ -153,12 +158,12 @@ AddEncoding gzip svgz # Serve gzip compressed CSS files if they exist and the client accepts gzip. RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}\.gz -s - RewriteRule ^(.*)\.css $1\.css\.gz [QSA] + RewriteRule ^(.*css_[a-zA-Z0-9-_]+)\.css$ $1\.css\.gz [QSA] # Serve gzip compressed JS files if they exist and the client accepts gzip. RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}\.gz -s - RewriteRule ^(.*)\.js $1\.js\.gz [QSA] + RewriteRule ^(.*js_[a-zA-Z0-9-_]+)\.js$ $1\.js\.gz [QSA] # Serve correct content types, and prevent double compression. RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1,E=no-brotli:1] diff --git a/web/robots.txt b/web/robots.txt index 18f8df8..ebcd04b 100644 --- a/web/robots.txt +++ b/web/robots.txt @@ -49,6 +49,8 @@ Disallow: /user/register Disallow: /user/password Disallow: /user/login Disallow: /user/logout +Disallow: /media/oembed +Disallow: /*/media/oembed # Paths (no clean URLs) Disallow: /index.php/admin/ Disallow: /index.php/comment/reply/ @@ -59,3 +61,5 @@ Disallow: /index.php/user/password Disallow: /index.php/user/register Disallow: /index.php/user/login Disallow: /index.php/user/logout +Disallow: /index.php/media/oembed +Disallow: /index.php/*/media/oembed diff --git a/web/web.config b/web/web.config index 79a0433..b769e45 100644 --- a/web/web.config +++ b/web/web.config @@ -22,7 +22,7 @@ - +