From 3912a1b7ee902c60898159c19cb66dbcd81aec7e Mon Sep 17 00:00:00 2001
From: Patrick Canterino <patrick@patrick-canterino.de>
Date: Sat, 13 Jul 2024 16:25:32 +0200
Subject: [PATCH] README: Deny access to var on Apache using "Require all
 denied"

---
 README.md | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 6ef0eed..7d89261 100644
--- a/README.md
+++ b/README.md
@@ -101,9 +101,19 @@ You have several options:
 - Move var folder to a place on your server which can't be directly accessed
 - Disable automatic listing on your web server config or place a index.html in var's sub-directory (this is a limited solution)
 
-If you are using Apache, you can add the following line to your configuration to prevent people to access to your `var` folder:
+If you are using Apache, you can add the following lines to your configuration to prevent people to access to your `var` folder:
 
-`RedirectMatch 301 ^/var-.* http://my.service.jirafeau`
+```apache
+<LocationMatch "^/var-*">
+    Require all denied
+</LocationMatch>
+```
+
+Or you can put a `.htaccess` file containing this into your `var` folder:
+
+```apache
+Require all denied
+```
 
 If you are using nginx, you can add the following to your $vhost.conf:
 
-- 
2.34.1