From e2764d54d84bae1b29990b5745c0085c0bbc1fc7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Chris=20M=C3=BCller?= <typo3@krue.ml>
Date: Wed, 19 Feb 2020 14:37:50 +0100
Subject: [PATCH] [DOCS] Add directive to deny access for current Apache
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The example in the note shows how to deny access up to Apache 2.2.
The directive for the current version is added.

Resolves: #90433
Releases: master, 9.5
Change-Id: I7842af8acdf632aebab8b8f63637450efd4fa23c
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/63321
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Björn Jacob <bjoern.jacob@tritum.de>
Tested-by: Ralf Zimmermann <ralf.zimmermann@tritum.de>
Reviewed-by: Björn Jacob <bjoern.jacob@tritum.de>
Reviewed-by: Ralf Zimmermann <ralf.zimmermann@tritum.de>
---
 .../I/Concepts/FormFileStorages/Index.rst     | 23 +++++++++++++------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/typo3/sysext/form/Documentation/I/Concepts/FormFileStorages/Index.rst b/typo3/sysext/form/Documentation/I/Concepts/FormFileStorages/Index.rst
index 05e7f577f1ac..6a5746af8d65 100644
--- a/typo3/sysext/form/Documentation/I/Concepts/FormFileStorages/Index.rst
+++ b/typo3/sysext/form/Documentation/I/Concepts/FormFileStorages/Index.rst
@@ -41,13 +41,22 @@ desired upload storage.
    In principle, files in filemounts are publicly accessible. If the
    uploaded files could contain sensitive data, you should suppress any
    HTTP access to the filemount. This may, for example, be achieved by
-   creating a .htaccess file, assuming you are using an Apache web server.
-   The directive of the .htaccess file is fairly easy:
-
-   .. code-block:: html
-
-      Order deny,allow
-      Deny from all
+   creating a :file:`.htaccess` file, assuming you are using an Apache web
+   server. The directive of the :file:`.htaccess` file is fairly easy:
+
+   .. code-block:: apache
+
+      # Apache ≥ 2.3
+      <IfModule mod_authz_core.c>
+         Require all denied
+      </IfModule>
+
+      # Apache < 2.3
+      <IfModule !mod_authz_core.c>
+         Order allow,deny
+         Deny from all
+         Satisfy All
+      </IfModule>
 
 The following code block shows you how to configure additional filemounts
 for form definitions.
-- 
GitLab