- b2evolution CMS User Manual
- Operations Reference
- Security
- .htaccess and sample.htaccess Files
.htaccess and sample.htaccess Files
In addition to the main .htaccess File, b2evolution comes with several sample.htaccess
files which you can (and actually should) rename to .htaccess
in their respective folders.
WARNING: Each
sample.htaccess
file is different. Do not copy one from another folder. If needed go to github or download the distribution ZIP again and make sure to use the correct sample.htaccess
file for each folder.One major reason for these .htaccess
files is to prevent direct execution of .php
files, as an additional security precaution, in several unwanted places such as:
- The
/media/
folder - The
/skins*/
folders - The
/plugins/
folders
In theory, you don’t need this additional precaution, as only System Admins can upload files into these folders. However, in case of a security breach, it helps protecting against hackers who try to upload malware such as PHP command shells.