Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nginx sample config must be updated #3769

Open
u07 opened this issue Nov 7, 2023 · 4 comments
Open

Nginx sample config must be updated #3769

u07 opened this issue Nov 7, 2023 · 4 comments

Comments

@u07
Copy link

u07 commented Nov 7, 2023

Seems it hasn't been updated for a while. At least this rule from apache config is missing in nginx:

# Block all direct access to files and folders beginning with a dot
RewriteRule (^|/)\.(?!well-known) - [F]

Just checked, /.phan/config.php is available directly.
@u07
Copy link
Author

u07 commented Nov 7, 2023
edited

For nginx it will be

location ~ /\. {  return 403;   }

or mixed with existing Grav rules (at the end):

location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess|\.) { return 403; }

@u07
Copy link
Author

u07 commented Nov 7, 2023

Also I would suggest changing location ~ \.php$ (any .php) to just location /index.php (a single .php) because Grav has only one executable php.

@10corp
Copy link

10corp commented Dec 22, 2023

Add Nginx supported.

@rhukster
Copy link
Member

How about provding a Pull Request?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rhukster @10corp @u07