Security update for permissions_by_term

[yaffs-website] / web / .htaccess

diff --git a/web/.htaccess b/web/.htaccess
index 4716fa12c8cb1f0caac10eebdb946c4dff28ce66..83cb71a042bebf67c4079a28531f49a596d92006 100644 (file)
--- a/web/.htaccess
+++ b/web/.htaccess
@@ -93,7 +93,7 @@ AddEncoding gzip svgz
   # If you do not have mod_rewrite installed, you should remove these
   # directories from your webroot or otherwise protect them from being
   # downloaded.
-  RewriteRule "(^|/)\.(?!well-known)" - [F]
+  RewriteRule "/\.|^\.(?!well-known/)" - [F]
 
   # If your site can be accessed both with and without the 'www.' prefix, you
   # can use one of the following settings to redirect users to your preferred