Updated locations to match h5bp's Apache config
See https://github.com/h5bp/server-configs-apache/issues/31 for `well-known` change.
This commit is contained in:
parent
8e361ed61a
commit
d37a4c7165
|
@ -1,10 +1,13 @@
|
|||
# Prevent clients from accessing hidden files (starting with a dot)
|
||||
# This is particularly important if you store .htpasswd files in the site hierarchy
|
||||
location ~* (?:^|/)\. {
|
||||
# Access to `/.well-known/` is allowed.
|
||||
# https://www.mnot.net/blog/2010/04/07/well-known
|
||||
# https://tools.ietf.org/html/rfc5785
|
||||
location ~* /\.(?!well-known\/) {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# Prevent clients from accessing to backup/config/source files
|
||||
location ~* (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
|
||||
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
|
||||
deny all;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue