[ Index ]

PHP Cross Reference of Joomla 4.2.2 documentation

title

Body

[close]

/ -> web.config.txt (source)

[Summary view] [Print] [Text view] 

   1  <?xml version="1.0" encoding="UTF-8"?>
   2  <configuration>
   3     <location path=".">
   4     <system.webServer>
   5         <directoryBrowse enabled="false" />
   6         <rewrite>
   7             <rules>
   8                 <rule name="Joomla! Common Exploits Prevention" stopProcessing="true">
   9                     <match url="^(.*)$" ignoreCase="false" />
  10                     <conditions logicalGrouping="MatchAny">
  11                         <add input="{QUERY_STRING}" pattern="base64_encode[^(]*\([^)]*\)" ignoreCase="false" />
  12                         <add input="{QUERY_STRING}" pattern="(&gt;|%3C)([^s]*s)+cript.*(&lt;|%3E)" />
  13                         <add input="{QUERY_STRING}" pattern="GLOBALS(=|\[|\%[0-9A-Z]{0,2})" ignoreCase="false" />
  14                         <add input="{QUERY_STRING}" pattern="_REQUEST(=|\[|\%[0-9A-Z]{0,2})" ignoreCase="false" />
  15                     </conditions>
  16                     <action type="CustomResponse" url="index.php" statusCode="403" statusReason="Forbidden" statusDescription="Forbidden" />
  17                 </rule>
  18                 <rule name="Joomla! API Application SEF URLs">
  19                     <match url="^api/(.*)" ignoreCase="false" />
  20                     <conditions logicalGrouping="MatchAll">
  21                       <add input="{URL}" pattern="^/api/index.php" ignoreCase="true" negate="true" />
  22                       <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
  23                       <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
  24                     </conditions>
  25                     <action type="Rewrite" url="api/index.php" />
  26                 </rule>
  27                 <rule name="Joomla! Public Frontend SEF URLs">
  28                     <match url="(.*)" ignoreCase="false" />
  29                     <conditions logicalGrouping="MatchAll">
  30                       <add input="{URL}" pattern="^/index.php" ignoreCase="true" negate="true" />
  31                       <add input="{REQUEST_FILENAME}" matchType="IsFile" ignoreCase="false" negate="true" />
  32                       <add input="{REQUEST_FILENAME}" matchType="IsDirectory" ignoreCase="false" negate="true" />
  33                     </conditions>
  34                     <action type="Rewrite" url="index.php" />
  35                 </rule>
  36             </rules>
  37         </rewrite>
  38         <httpProtocol>
  39             <customHeaders>
  40                 <add name="X-Content-Type-Options" value="nosniff" />
  41                 <!-- Protect against certain cross-origin requests. More information can be found here: -->
  42                 <!-- https://developer.mozilla.org/en-US/docs/Web/HTTP/Cross-Origin_Resource_Policy_(CORP) -->
  43                 <!-- https://web.dev/why-coop-coep/ -->
  44                 <!-- <add name="Cross-Origin-Resource-Policy" value="same-origin" /> -->
  45                 <!-- <add name="Cross-Origin-Embedder-Policy" value="require-corp" /> -->
  46             </customHeaders>
  47         </httpProtocol>
  48     </system.webServer>
  49     </location>
  50  </configuration>

Body

Body

Body

Body


Generated: Wed Sep 7 05:41:13 2022 Chilli.vc Blog - For Webmaster,Blog-Writer,System Admin and Domainer