.htaccess file access hardening (3.3.10)

What is the recommended configuration? I try to have my Elgg 100% optimized.

  • If you compare the htaccess template of Elgg 3.3.10 in vendor/elgg/elgg/install/config/htaccess.dist with the template included in 3.3.9 or older you will see some additional rewrite rules (by default not enabled) to protect certain files and folder within the install directory of Elgg from direct access. I guess you might refer to these rules with your question? Not sure if there are any other options.

  • Yes, Iionly. Can I enable all options?

  • I guess you can. I can't say for sure if any issues might occur because I haven't tried it myself yet. Maybe just try it with all options enabled and in case of problems disabling them again step by step. Or the other way round and enabling them one at a time (as the comments tell the last 3 need to be enabled in any case at once) and keep them active if there're no problems.