From: Patrick Canterino <patrick@patrick-canterino.de>
Date: Sat, 13 Jul 2024 14:25:32 +0000 (+0200)
Subject: README: Deny access to var on Apache using "Require all denied"
X-Git-Url: https://git.p6c8.net/jirafeau_project.git/commitdiff_plain/3912a1b7ee902c60898159c19cb66dbcd81aec7e?hp=--cc

README: Deny access to var on Apache using "Require all denied"
---

3912a1b7ee902c60898159c19cb66dbcd81aec7e
diff --git a/README.md b/README.md
index 6ef0eed..7d89261 100644
--- a/README.md
+++ b/README.md
@@ -101,9 +101,19 @@ You have several options:
 - Move var folder to a place on your server which can't be directly accessed
 - Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution)
 
-If you are using Apache, you can add the following line to your configuration to prevent people to access to your `var` folder:
+If you are using Apache, you can add the following lines to your configuration to prevent people to access to your `var` folder:
 
-`RedirectMatch 301 ^/var-.* http://my.service.jirafeau`
+```apache
+<LocationMatch "^/var-*">
+    Require all denied
+</LocationMatch>
+```
+
+Or you can put a `.htaccess` file containing this into your `var` folder:
+
+```apache
+Require all denied
+```
 
 If you are using nginx, you can add the following to your $vhost.conf: