|
# Prevent clients from accessing hidden files (starting with a dot)
|
|
location ~* (?:^|/)\. {
|
|
return 403;
|
|
}
|
|
|
|
# Prevent clients from accessing to backup/config/source files
|
|
location ~* (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
|
|
return 403;
|
|
}
|