From 638dc6564b1aefe8dc2bca1c1511d6ddd37cad81 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Fr=C3=A9d=C3=A9ric=20Buclin?= <LpSolit@gmail.com>
Date: Fri, 20 Feb 2015 12:58:46 +0100
Subject: [PATCH] Bug 1133690: .htaccess incorrectly assumes that Apache 2.2.x
 can read new 2.4 directives r=dkl a=glob

---
 .htaccess                      |  4 ++--
 Bugzilla/Install/Filesystem.pm | 33 +++++++++++++++++----------------
 2 files changed, 19 insertions(+), 18 deletions(-)

diff --git a/.htaccess b/.htaccess
index 14325d1523..2f009697cc 100644
--- a/.htaccess
+++ b/.htaccess
@@ -1,10 +1,10 @@
 # Don't allow people to retrieve non-cgi executable files or our private data
 <FilesMatch (\.pm|\.pl|\.tmpl|localconfig.*)$>
   <IfModule mod_version.c>
-    <IfVersion <= 2.2>
+    <IfVersion < 2.4>
       Deny from all
     </IfVersion>
-    <IfVersion > 2.2>
+    <IfVersion >= 2.4>
       Require all denied
     </IfVersion>
   </IfModule>
diff --git a/Bugzilla/Install/Filesystem.pm b/Bugzilla/Install/Filesystem.pm
index f28d6699bf..5f56774609 100644
--- a/Bugzilla/Install/Filesystem.pm
+++ b/Bugzilla/Install/Filesystem.pm
@@ -48,10 +48,10 @@ use constant HT_DEFAULT_DENY => <<EOT;
 # nothing in this directory is retrievable unless overridden by an .htaccess
 # in a subdirectory
 <IfModule mod_version.c>
-  <IfVersion <= 2.2>
+  <IfVersion < 2.4>
     Deny from all
   </IfVersion>
-  <IfVersion > 2.2>
+  <IfVersion >= 2.4>
     Require all denied
   </IfVersion>
 </IfModule>
@@ -351,10 +351,10 @@ EOT
 # Allow access to .png and .gif files.
 <FilesMatch (\\.gif|\\.png)\$>
   <IfModule mod_version.c>
-    <IfVersion <= 2.2>
+    <IfVersion < 2.4>
       Allow from all
     </IfVersion>
-    <IfVersion > 2.2>
+    <IfVersion >= 2.4>
       Require all granted
     </IfVersion>
   </IfModule>
@@ -365,10 +365,10 @@ EOT
 
 # And no directory listings, either.
 <IfModule mod_version.c>
-  <IfVersion <= 2.2>
+  <IfVersion < 2.4>
     Deny from all
   </IfVersion>
-  <IfVersion > 2.2>
+  <IfVersion >= 2.4>
     Require all denied
   </IfVersion>
 </IfModule>
@@ -384,13 +384,14 @@ EOT
 # the IP address of your webdot server.
 #<FilesMatch \\.dot\$>
 #  <IfModule mod_version.c>
-#    <IfVersion <= 2.2>
+#    <IfVersion < 2.4>
 #      Allow from 127.0.0.1/24
 #      Deny from all
 #    </IfVersion>
-#    <IfVersion > 2.2>
+#    <IfVersion >= 2.4>
 #      Require ip 127.0.0.1/24
 #      Require all denied
+#    </IfVersion>
 #  </IfModule>
 #  <IfModule !mod_version.c>
 #    Allow from 127.0.0.1/24
@@ -401,10 +402,10 @@ EOT
 # Allow access to .png files created by a local copy of 'dot'
 <FilesMatch \\.png\$>
   <IfModule mod_version.c>
-    <IfVersion <= 2.2>
+    <IfVersion < 2.4>
       Allow from all
     </IfVersion>
-    <IfVersion > 2.2>
+    <IfVersion >= 2.4>
       Require all granted
     </IfVersion>
   </IfModule>
@@ -415,10 +416,10 @@ EOT
 
 # And no directory listings, either.
 <IfModule mod_version.c>
-  <IfVersion <= 2.2>
+  <IfVersion < 2.4>
     Deny from all
   </IfVersion>
-  <IfVersion > 2.2>
+  <IfVersion >= 2.4>
     Require all denied
   </IfVersion>
 </IfModule>
@@ -432,10 +433,10 @@ EOT
 # Allow access to .css files
 <FilesMatch \\.(css|js)\$>
   <IfModule mod_version.c>
-    <IfVersion <= 2.2>
+    <IfVersion < 2.4>
       Allow from all
     </IfVersion>
-    <IfVersion > 2.2>
+    <IfVersion >= 2.4>
       Require all granted
     </IfVersion>
   </IfModule>
@@ -446,10 +447,10 @@ EOT
 
 # And no directory listings, either.
 <IfModule mod_version.c>
-  <IfVersion <= 2.2>
+  <IfVersion < 2.4>
     Deny from all
   </IfVersion>
-  <IfVersion > 2.2>
+  <IfVersion >= 2.4>
     Require all denied
   </IfVersion>
 </IfModule>
-- 
2.47.2