protected static function getDenyHtaccessContent() { # Source: https://github.com/phpbb/phpbb/pull/2386/files#diff-f72a38c4bec79cc6ded3f8e435d6bd55L11 # With Apache 2.4 the "Order, Deny" syntax has been deprecated and moved from # module mod_authz_host to a new module called mod_access_compat (which may be # disabled) and a new "Require" syntax has been introduced to mod_authz_host. # We could just conditionally provide both versions, but unfortunately Apache # does not explicitly tell us its version if the module mod_version is not # available. In this case, we check for the availability of module # mod_authz_core (which should be on 2.4 or higher only) as a best guess. $deny = <<<HTACCESS_DENY <IfModule mod_version.c> \t<IfVersion < 2.4> \t\tOrder Deny,Allow \t\tDeny from All \t</IfVersion> \t<IfVersion >= 2.4> \t\tRequire all denied \t</IfVersion> </IfModule> <IfModule !mod_version.c> \t<IfModule !mod_authz_core.c> \t\tOrder Deny,Allow \t\tDeny from All \t</IfModule> \t<IfModule mod_authz_core.c> \t\tRequire all denied \t</IfModule> </IfModule> HTACCESS_DENY; return $deny; }