.htaccess should be tracked.

Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>

4 files changed, 23 insertions, 0 deletions

diff --git a/data/.htaccess b/data/.htaccess
new file mode 100644
index 000000000..62adb574a
--- /dev/null
+++ b/data/.htaccess
@@ -0,0 +1,3 @@
+# nothing in this directory is retrievable unless overridden by an .htaccess
+# in a subdirectory
+deny from all
diff --git a/data/attachments/.htaccess b/data/attachments/.htaccess
new file mode 100644
index 000000000..62adb574a
--- /dev/null
+++ b/data/attachments/.htaccess
@@ -0,0 +1,3 @@
+# nothing in this directory is retrievable unless overridden by an .htaccess
+# in a subdirectory
+deny from all
diff --git a/data/cached/.htaccess b/data/cached/.htaccess
new file mode 100644
index 000000000..46e76a1f8
--- /dev/null
+++ b/data/cached/.htaccess
@@ -0,0 +1,2 @@
+# Allow access to the cached stuff
+Allow from all
diff --git a/data/webdot/.htaccess b/data/webdot/.htaccess
new file mode 100644
index 000000000..1c05e71d5
--- /dev/null
+++ b/data/webdot/.htaccess
@@ -0,0 +1,15 @@
+# Restrict access to .dot files to the public webdot server at research.att.com
+# if research.att.com ever changes their IP, or if you use a different
+# webdot server, you'll need to edit this
+<FilesMatch \.dot$>
+  Allow from 192.20.225.0/24
+  Deny from all
+</FilesMatch>
+
+# Allow access to .png files created by a local copy of 'dot'
+<FilesMatch \.png$>
+  Allow from all
+</FilesMatch>
+
+# And no directory listings, either.
+Deny from all