Forcing frontcontroller - related to pretty URLs
Permalink
I'm not so happy about having (public) content like
©2011 Some Whack-Ass Site
on my web site, like on
http://www.concrete5.org/concrete/themes/greek_yogurt/index.html...
Of course, I could run through the installation and hunt for such content. But if I install updates or new packages, such stuff could creep in again.
I'd prefer some clean solution that preferably either runs everything through the frontcontroller, or at least has some clear distinction rules for .htaccess as what files to serve directly through Apache and what goes through index.php.
The pretty URL rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule ^(.*)$ index.php
don't seem to do that properly. Sounds like a security issue too, as .php might get uploaded to /files.
Did anybody come up with a tighter set of .htaccess rules for that purpose?
©2011 Some Whack-Ass Site
on my web site, like on
http://www.concrete5.org/concrete/themes/greek_yogurt/index.html...
Of course, I could run through the installation and hunt for such content. But if I install updates or new packages, such stuff could creep in again.
I'd prefer some clean solution that preferably either runs everything through the frontcontroller, or at least has some clear distinction rules for .htaccess as what files to serve directly through Apache and what goes through index.php.
The pretty URL rules
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME}/index.html !-f
RewriteCond %{REQUEST_FILENAME}/index.php !-f
RewriteRule ^(.*)$ index.php
don't seem to do that properly. Sounds like a security issue too, as .php might get uploaded to /files.
Did anybody come up with a tighter set of .htaccess rules for that purpose?
