minor #6223 Improveme the apache/mod_php configuration example (gnat42)

xabbuh · xabbuh · commit 2a6dc3684b32 · 2016-02-08T08:42:37.000+01:00
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #6223). Discussion ---------- Improveme the apache/mod_php configuration example We recently had a project undergo a massive security scan. We had setup email error reporting, so symfony sent us ~15K emails all mostly route not found when the scanner was playing around in the bundles asset directory. In reality if a file isn't available in the bundles directory the server can simply return a 404 not found, and it is probably also slightly more secure and performant to not fire up the entire symfony framework in that case. Commits ------- 67b661e Improvement to the apache/mod_php configuration example
diff --git a/cookbook/configuration/web_server_configuration.rst b/cookbook/configuration/web_server_configuration.rst
@@ -93,6 +93,14 @@ and increase web server performance:
         #     Options FollowSymlinks
         # </Directory>
 
+        # optionally disable the RewriteEngine for the asset directories
+        # which will allow apache to simply reply with a 404 when files are
+        # not found instead of passing the request into the full symfony stack
+        <Directory /var/www/project/web/bundles>
+            <IfModule mod_rewrite.c>
+                RewriteEngine Off
+            </IfModule>
+        </Directory>
         ErrorLog /var/log/apache2/project_error.log
         CustomLog /var/log/apache2/project_access.log combined
     </VirtualHost>
