static/nginx/site.conf: hotfix to disable access to .ini and .log files

(cherry picked from commit 1c1cfbfdc752e030c2be4703aebfd934fa4a09fc)
2021-09-15 21:52:43 +02:00 · 2021-09-15 21:52:43 +02:00 · f6b1bbbfd2
commit f6b1bbbfd2
parent 534dfde63a
1 changed files with 10 additions and 0 deletions
--- a/static/nginx/site.conf
+++ b/static/nginx/site.conf
@ -53,6 +53,16 @@ server {
            expires 5d;
        }

+	# hotfix for info disclosure
+        location ~* \.(ini)$ {
+            log_not_found off;
+            deny all;
+        }
+        location ~* \.(log)$ {
+            log_not_found off;
+            deny all;
+        }
+
        # deny access to . files, for security
        #
        location ~ /\. {