the core and several plugins protect access to folders with an .htaccess file:
Code: Select all
order deny,allow
deny from all
According to StackOverflow it is possible to deliver .htaccess files that will work with both versions. I made a slight modification:
Code: Select all
<IfModule !authz_core_module>
order deny,allow
deny from all
</IfModule>
<IfModule authz_core_module>
Require all denied
</IfModule>
BTW: it is known and documented that .htaccess won't work for other servers (e.g. IIS and NginX). However, I assume many users are not aware of that issue, so we should consider adding a test to the system check, whether access protection of the content/ folder works.
Christoph