14 lines
484 B
Plaintext
14 lines
484 B
Plaintext
# Prevent clients from accessing hidden files (starting with a dot)
|
|
# This is particularly important if you store .htpasswd files in the site hierarchy
|
|
# Access to `/.well-known/` is allowed.
|
|
# https://www.mnot.net/blog/2010/04/07/well-known
|
|
# https://tools.ietf.org/html/rfc5785
|
|
location ~* /\.(?!well-known\/) {
|
|
deny all;
|
|
}
|
|
|
|
# Prevent clients from accessing to backup/config/source files
|
|
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
|
|
deny all;
|
|
}
|