[byteball.org] .htaccess file is available publicly.

Project Detalis

Github Repository: https://github.com/byteball/byteball-web/
Platform: https://byteball.org

Expected Behaviour

The htaccess file is used to stop users from accessing certain files and folders. It should not be available to anyone and should be hidden according to its RFC.

Actual Behaviour

.htaccess file is available to anyone to view.

Steps to Reproduce

1. Visit https://byteball.org/.htaccess in browser and it will be downloaded which can be viewed using any text editor.

or curl https://byteball.org/.htaccess will also work in terminal.

Possible Fix

Add this code to .htaccess file

<files .htaccess> order allow,deny deny from all </files>

Github Details

Github Profile
Issue#49