static/nginx/site.conf: hotfix to disable access to .ini and .log files
(cherry picked from commit 1c1cfbfdc752e030c2be4703aebfd934fa4a09fc)
This commit is contained in:
fleischsalatinspace
soneill
parent
534dfde63a
commit
f6b1bbbfd2
1 changed files with 10 additions and 0 deletions
|
|
@ -53,6 +53,16 @@ server {
|
||||||
expires 5d;
|
expires 5d;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# hotfix for info disclosure
|
||||||
|
location ~* \.(ini)$ {
|
||||||
|
log_not_found off;
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
location ~* \.(log)$ {
|
||||||
|
log_not_found off;
|
||||||
|
deny all;
|
||||||
|
}
|
||||||
|
|
||||||
# deny access to . files, for security
|
# deny access to . files, for security
|
||||||
#
|
#
|
||||||
location ~ /\. {
|
location ~ /\. {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue