# miscellaneous security settings # disable TRACE (CVE-2009-2823) TraceEnable Off <IfModule mod_dir.c> # This protects rpm backup files from beeing served, these files could # contain sensible information. <FilesMatch "\.(rpmorig|rpmsave)$"> Require all denied </FilesMatch> # This protects ssi and php files from beeing served if the module is not # installed, it prevents presumptive source code theft. <IfModule !mod_include.c> <FilesMatch "\.(shtml)$"> ErrorDocument 403 "<h1>403 Forbidden: Execute Access Forbidden</h1>\ <p>The server is currently not serving ssi scripts.</p><p>This \ could mean the server administrator is doing maintenance or has \ orphan ssi files laying around, please contact the server \ administrator or come back later. Thank you.</p> Require all denied </FilesMatch> </IfModule> <IfModule !mod_php.c> <FilesMatch "\.(php|php3|php4|php5|phps|phtml)$"> ErrorDocument 403 "<h1>403 Forbidden: Execute Access Forbidden</h1>\ <p>The server is currently not serving php scripts.</p><p>This \ could mean the server administrator is doing maintenance or has \ orphan php files laying around, please contact the server \ administrator or come back later. Thank you.</p> Require all denied </FilesMatch> </IfModule> </IfModule>