public static function createHtAccessFiles()
{
$denyAll = self::getDenyAllHtaccessContent();
$allow = self::getAllowHtaccessContent();
// more selective allow/deny filters
$noDirectoryListing = "Options -Indexes\n";
$allowAny = "# Allow any file in this directory\n" . "<Files \"*\">\n" . $allow . "\n" . "</Files>\n";
$allowStaticAssets = "# Serve HTML files as text/html mime type - Note: requires mod_mime apache module!\n" . "<IfModule mod_mime.c>\n" . " AddHandler text/html .html\n" . " AddHandler text/html .htm\n" . "</IfModule>\n\n" . "# Allow to serve static files which are safe\n" . "<Files ~ \"\\.(gif|ico|jpg|png|svg|js|css|htm|html|swf|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)\$\">\n" . $allow . "\n" . "</Files>\n";
$directoriesToProtect = array('/js' => $allowAny . $noDirectoryListing, '/libs' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/vendor' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/plugins' => $denyAll . $allowStaticAssets . $noDirectoryListing, '/misc/user' => $denyAll . $allowStaticAssets . $noDirectoryListing);
foreach ($directoriesToProtect as $directoryToProtect => $content) {
self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content);
}
// deny access to these folders
$directoriesToProtect = array('/config' => $denyAll . $noDirectoryListing, '/core' => $denyAll . $noDirectoryListing, '/lang' => $denyAll . $noDirectoryListing, '/tmp' => $denyAll . $noDirectoryListing);
foreach ($directoriesToProtect as $directoryToProtect => $content) {
self::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect, $overwrite = true, $content);
}
}
