diff options
author | Chris Smith <toonarmy@phpbb.com> | 2010-04-28 19:20:54 +0100 |
---|---|---|
committer | Nils Adermann <naderman@naderman.de> | 2010-05-03 19:31:54 +0200 |
commit | 8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd (patch) | |
tree | be2e6c9f7508c0b8924640887defbdb68096f865 /phpBB/web.config | |
parent | e11e53e11bd7ea67fe0b7b0145fe2941ca86fb84 (diff) | |
download | forums-8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd.tar forums-8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd.tar.gz forums-8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd.tar.bz2 forums-8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd.tar.xz forums-8612fc23d4d7ca90ea80e5a12e7bd51ed315e0dd.zip |
[ticket/9520] New web.config file as suggested by Microsoft using request filter
PHPBB3-9520
Diffstat (limited to 'phpBB/web.config')
-rw-r--r-- | phpBB/web.config | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/phpBB/web.config b/phpBB/web.config index 7f2b40ec1b..e374e611f6 100644 --- a/phpBB/web.config +++ b/phpBB/web.config @@ -1,17 +1,25 @@ <?xml version="1.0" encoding="UTF-8"?> <configuration> <system.webServer> - <rewrite> - <rules> - <rule name="phpBB config.php Rule" patternSyntax="Wildcard" stopProcessing="true"> - <match url="*config.php" /> - <action type="AbortRequest" /> - </rule> - <rule name="phpBB common.php Rule" patternSyntax="Wildcard" stopProcessing="true"> - <match url="*common.php" /> - <action type="AbortRequest" /> - </rule> - </rules> - </rewrite> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="cache" /> + <add segment="files" /> + <add segment="store" /> + </hiddenSegments> + </requestFiltering> + </security> </system.webServer> + <location path="images/avatars"> + <system.webServer> + <security> + <requestFiltering> + <hiddenSegments> + <add segment="upload" /> + </hiddenSegments> + </requestFiltering> + </security> + </system.webServer> + </location> </configuration> |