From 3e3e3883c0a75942a3de589b0239f3ce10c2f774 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Mon, 5 Oct 2009 17:38:45 +0000
Subject: [PATCH] Adding an example htaccess file to protect the folder
 "documents"

---
 README                    | 4 ++++
 README-FR                 | 5 +++++
 dev/security/README       | 6 ++++++
 dev/security/htaccess.txt | 2 ++
 4 files changed, 17 insertions(+)
 create mode 100644 dev/security/README
 create mode 100644 dev/security/htaccess.txt

diff --git a/README b/README
index 97906b636c6..ac0363fb3b2 100644
--- a/README
+++ b/README
@@ -39,6 +39,10 @@ install this version like this:
    
 - Follow instructions provided by installer...
 
+- If your web hosting does not allow you to place the folder "documents" outside
+  the site root, add the /dev/security/htaccess.txt in the root directory of
+  folder "documents" by renaming .htaccess
+
 
 II - DOLIBARR UPGRADE
 ---------------------
diff --git a/README-FR b/README-FR
index 44b0900f867..ebf8388c5d7 100644
--- a/README-FR
+++ b/README-FR
@@ -41,6 +41,11 @@ installer Dolibarr avec cette version de la manière suivante:
    
 - Suivez les instructions fournis par l'installeur...
 
+- Si votre hébergement ne permet pas de placer le répertoire "documents" en dehors
+  de la racine du site, ajoutez le fichier /dev/security/htaccess.txt à la racine
+  du répertoire documents en le renommant en .htaccess
+  
+
 
 II - METTRE A JOUR DOLIBARR
 ---------------------------
diff --git a/dev/security/README b/dev/security/README
new file mode 100644
index 00000000000..8c0727be0aa
--- /dev/null
+++ b/dev/security/README
@@ -0,0 +1,6 @@
+README (English)
+--------------------------------
+
+If your web hosting does not allow you to place the folder "documents" outside
+the site root, add the htaccess.txt in the root directory of
+folder "documents" by renaming .htaccess
\ No newline at end of file
diff --git a/dev/security/htaccess.txt b/dev/security/htaccess.txt
new file mode 100644
index 00000000000..7d3aaf1a903
--- /dev/null
+++ b/dev/security/htaccess.txt
@@ -0,0 +1,2 @@
+Order allow,deny
+Deny from all
\ No newline at end of file
-- 
GitLab