From f9eb10f653b5aab64c36cf5a0be4173ca7303f87 Mon Sep 17 00:00:00 2001
From: robocoder <anthon.pang@gmail.com>
Date: Sat, 28 Apr 2012 01:59:30 +0000
Subject: [PATCH] fixes #3129

git-svn-id: http://dev.piwik.org/svn/trunk@6227 59fd770c-687e-43c8-a1e3-f5a4ff64c105
---
 core/Common.php |  2 +-
 core/Piwik.php  | 11 ++++++++---
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/core/Common.php b/core/Common.php
index f5ecaca3ee..9959e36281 100644
--- a/core/Common.php
+++ b/core/Common.php
@@ -549,7 +549,7 @@ class Piwik_Common
 	 * @param string $path without trailing slash
 	 * @param string $content
 	 */
-	static public function createHtAccess( $path, $content = "<Files \"*\">\nDeny from all\n</Files>\n" )
+	static public function createHtAccess( $path, $content = "<Files \"*\">\n<IfModule mod_access.c>\nDeny from all\n</IfModule>\n<IfModule mod_authz_host>\nDeny from all\n</IfModule>\n<IfModule mod_access_compat>\nDeny from all\n</IfModule>\n</Files>\n" )
 	{
 		if(self::isApache())
 		{
diff --git a/core/Piwik.php b/core/Piwik.php
index c989ac838f..1f080290df 100644
--- a/core/Piwik.php
+++ b/core/Piwik.php
@@ -560,10 +560,15 @@ class Piwik
 			Piwik_Common::createHtAccess(PIWIK_INCLUDE_PATH . $directoryToProtect);
 		}
 
+		// Allow/Deny lives in different modules depending on the Apache version
+		$allow = "<IfModule mod_access.c>\nAllow from all\n</IfModule>\n<IfModule mod_authz_host>\nAllow from all\n</IfModule>\n<IfModule mod_access_compat>\nAllow from all\n</IfModule>\n";
+		$deny = "<IfModule mod_access.c>\nDeny from all\n</IfModule>\n<IfModule mod_authz_host>\nDeny from all\n</IfModule>\n<IfModule mod_access_compat>\nDeny from all\n</IfModule>\n";
+
 		// more selective allow/deny filters
-		$allowAny = "<Files \"*\">\nAllow from all\nSatisfy any\n</Files>\n";
-		$allowStaticAssets = "<Files ~ \"\\.(test\.php|gif|ico|jpg|png|js|css|swf)$\">\nSatisfy any\nAllow from all\n</Files>\n";
-		$denyDirectPhp = "<Files ~ \"\\.(php|php4|php5|inc|tpl|in)$\">\nDeny from all\n</Files>\n";
+		$allowAny = "<Files \"*\">\n".$allow."Satisfy any\n</Files>\n";
+		$allowStaticAssets = "<Files ~ \"\\.(test\.php|gif|ico|jpg|png|js|css|swf)$\">\n".$allow."Satisfy any\n</Files>\n";
+		$denyDirectPhp = "<Files ~ \"\\.(php|php4|php5|inc|tpl|in)$\">\n".$deny."</Files>\n";
+
 		$directoriesToProtect = array(
 			'/js' => $allowAny,
 			'/libs' => $denyDirectPhp . $allowStaticAssets,
-- 
GitLab