From e8dc039a252a9a3a9558d7b92ac0527fc529b3fc Mon Sep 17 00:00:00 2001
From: Roly Rudy Gutierrez Pinto <gproly@gmail.com>
Date: Thu, 9 Feb 2017 17:55:37 -0400
Subject: [PATCH] HOR-2604

---
 workflow/public_html/.htaccess      | 2 +-
 workflow/public_html/sysGeneric.php | 4 ++++
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/workflow/public_html/.htaccess b/workflow/public_html/.htaccess
index 458bcdada..5d0e4c170 100644
--- a/workflow/public_html/.htaccess
+++ b/workflow/public_html/.htaccess
@@ -3,7 +3,7 @@
         Deny from all
 </FilesMatch>
 
-<FilesMatch "^(app|sysGeneric)\.php$">
+<FilesMatch "^(app|sysGeneric|gmail)\.php">
         Order Allow,Deny 
         Allow from All 
 </FilesMatch>
\ No newline at end of file
diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php
index 0b32f04eb..4f79e9bb1 100644
--- a/workflow/public_html/sysGeneric.php
+++ b/workflow/public_html/sysGeneric.php
@@ -117,6 +117,10 @@ if (file_exists($requestFile)) {
         header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) );
         die;
     }
+    if ($request === "app.php" || $request === "sysGeneric.php") {
+        //HTTP/1.0 403 Forbidden
+        http_response_code(403);
+    }
     $pos = strripos($request, ".") + 1;
     $size = strlen($request);
     if($pos < $size) {