Add "Order" to assure that no parental "Allow" can grant access

Signed-off-by: MichaIng <micha@dietpi.com>
author: MichaIng <micha@dietpi.com> 2019-09-26 12:38:58 +0200
committer: GitHub <noreply@github.com> 2019-09-26 12:38:58 +0200
commit: c7e66ec848cfce75b8eb3f635f21255e3967def2 (patch)
tree: ad1ffd537b4611a4815373d780bcb435667c5624 /lib/private/Setup.php
parent: 592eecdb7d6b469515cb4231056a8208a548d0aa (diff)
download: nextcloud-server-c7e66ec848cfce75b8eb3f635f21255e3967def2.tar.gz
nextcloud-server-c7e66ec848cfce75b8eb3f635f21255e3967def2.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/private/Setup.php b/lib/private/Setup.php
index 7811754ddce..3fbfc3da2ba 100644
--- a/lib/private/Setup.php
+++ b/lib/private/Setup.php
@@ -547,6 +547,7 @@ class Setup {
 		$content .= "  Require all denied\n";
 		$content .= "</IfModule>\n";
 		$content .= "<IfModule mod_access_compat.c>\n";
+		$content .= "  Order Allow,Deny";
 		$content .= "  Deny from all\n";
 		$content .= "  Satisfy All\n";
 		$content .= "</IfModule>\n\n";
@@ -554,6 +555,7 @@ class Setup {
 		$content .= "<IfModule !mod_authz_core.c>\n";
 		$content .= "  <IfModule !mod_access_compat.c>\n";
 		$content .= "    <IfModule mod_authz_host.c>\n";
+		$content .= "      Order Allow,Deny";
 		$content .= "      Deny from all\n";
 		$content .= "    <IifModule>\n";
 		$content .= "    Satisfy All\n";
author	MichaIng <micha@dietpi.com>	2019-09-26 12:38:58 +0200
committer	GitHub <noreply@github.com>	2019-09-26 12:38:58 +0200
commit	c7e66ec848cfce75b8eb3f635f21255e3967def2 (patch)
tree	ad1ffd537b4611a4815373d780bcb435667c5624 /lib/private/Setup.php
parent	592eecdb7d6b469515cb4231056a8208a548d0aa (diff)
download	nextcloud-server-c7e66ec848cfce75b8eb3f635f21255e3967def2.tar.gz nextcloud-server-c7e66ec848cfce75b8eb3f635f21255e3967def2.zip