Verified Commit be259e1a authored by Jan Alexander Steffens (heftig)'s avatar Jan Alexander Steffens (heftig)
Browse files

fluxbb, flyspray: Deny access to /.git

The gitdirs are just clones of public repos and don't seem to contain
anything sensitive but better safe than sorry.

Thanks to Christian Rebischke <chris@shibumi.dev>
parent b83828c1
......@@ -33,6 +33,10 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ fluxbb_domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ fluxbb_domain }}/chain.pem;
location /.git {
deny all;
}
location ~ /extern\.php {
limit_req zone=rsslimit burst=10 nodelay;
fastcgi_pass unix:/run/php-fpm/fluxbb.socket;
......
......@@ -32,6 +32,10 @@ server {
root {{ flyspray_dir }};
location /.git {
deny all;
}
location /setup {
deny all;
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment