From 0ba01391e86323f76c99eddbff87ad23732bba19 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=C3=ABl=20Klabbers?= <Luceos@users.noreply.github.com>
Date: Fri, 7 Apr 2017 13:39:46 +0200
Subject: [PATCH 1/2] Update .htaccess

flarum/core#692 protect composer.lock, but also improve protection for git directories
---
 .htaccess | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/.htaccess b/.htaccess
index f35dd21..3e4a5c1 100644
--- a/.htaccess
+++ b/.htaccess
@@ -26,7 +26,8 @@
   RewriteRule ^vendor/(.*)?$ / [F,L]
   RewriteRule ^storage/(.*)?$ / [F,L]
   RewriteRule ^config.php$ / [F,L]
-  RewriteRule ^.git/(.*)?$ / [F,L]
+  RewriteRule /\.git / [F,L]
+  RewriteRule ^composer\.lock$ / [F,L]
 
   RewriteRule ^api(.*)$ api.php [QSA,L]
   RewriteRule ^admin(.*)$ admin.php [QSA,L]

From 1ed484990f7f8a5a9447d5ca28166bffda36be92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dani=C3=ABl=20Klabbers?= <Luceos@users.noreply.github.com>
Date: Mon, 10 Apr 2017 12:41:46 +0200
Subject: [PATCH 2/2] Update .htaccess

declined access to composer.json
---
 .htaccess | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.htaccess b/.htaccess
index 3e4a5c1..819a01b 100644
--- a/.htaccess
+++ b/.htaccess
@@ -27,7 +27,7 @@
   RewriteRule ^storage/(.*)?$ / [F,L]
   RewriteRule ^config.php$ / [F,L]
   RewriteRule /\.git / [F,L]
-  RewriteRule ^composer\.lock$ / [F,L]
+  RewriteRule ^composer\.(lock|json)$ / [F,L]
 
   RewriteRule ^api(.*)$ api.php [QSA,L]
   RewriteRule ^admin(.*)$ admin.php [QSA,L]