From 8c729e6fa26692135ba8e5fa0a9968427197634f Mon Sep 17 00:00:00 2001
From: Markus Klein <markus.klein@typo3.org>
Date: Wed, 27 Apr 2016 10:12:51 +0200
Subject: [PATCH] [TASK] Disallow access to documentation folders

Update the default .htaccess file. The users must update their
actual configuration (.htaccess or server config) manually.

Resolves: #75934
Releases: master, 7.6, 6.2
Change-Id: I8e40263c72f68c44cb8fd8c1944a44e4d38d9daa
Reviewed-on: https://review.typo3.org/47930
Reviewed-by: Oliver Klee <typo3-coding@oliverklee.de>
Reviewed-by: Daniel Goerz <ervaude@gmail.com>
Tested-by: Daniel Goerz <ervaude@gmail.com>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
---
 _.htaccess | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/_.htaccess b/_.htaccess
index 910a643c3c11..e8a50f650316 100644
--- a/_.htaccess
+++ b/_.htaccess
@@ -288,7 +288,7 @@ AddDefaultCharset utf-8
 	RewriteRule fileadmin/templates/.*\.(?:txt|ts)$ - [F]
 	RewriteRule typo3temp/var/ - [F]
 	RewriteRule ^(vendor|typo3_src) - [F]
-	RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?)/ - [F]
+	RewriteRule (?:typo3conf/ext|typo3/sysext|typo3/ext)/[^/]+/(?:Configuration|Resources/Private|Tests?|Documentation|docs?)/ - [F]
 
 	# Block access to all hidden files and directories with the exception of
 	# the visible content from within the `/.well-known/` hidden directory (RFC 5785).
-- 
GitLab