new.sh: add a basic .htaccess file to protect sensible files

author Antonio Ospite <ao2@ao2.it>

Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)

committer Antonio Ospite <ao2@ao2.it>

Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)
author Antonio Ospite <ao2@ao2.it>
Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)
committer Antonio Ospite <ao2@ao2.it>
Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)
diff --git a/libexec/new.sh b/libexec/new.sh

index 012c3cb..385c141 100755 (executable)
--- a/libexec/new.sh
+++ b/libexec/new.sh
@@ -116,6 +116,17 @@ EOF
  
  echo
  echo "Uncomment and customize the values in the bootstrap.conf file."
-echo "Make sure that access to '$PWD' is restricted by the web server."
+
+# Add some basic access control to protect sensitive files like bootstrap.conf
+cat > .htaccess <<EOF
+Options -Indexes
+SetEnvIf Request_URI "/web/.*" access_granted
+Order allow,deny
+Allow from env=access_granted
+EOF
+
+echo
+echo "Double check the provided .htaccess file to make sure that access to"
+echo "'$PWD' is restricted by the web server."
  
  popd
author	Antonio Ospite <ao2@ao2.it>
	Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)
committer	Antonio Ospite <ao2@ao2.it>
	Thu, 16 Nov 2017 12:08:34 +0000 (13:08 +0100)