linuxserver/docker-swag
1
0
Fork 0
mirror of https://github.com/linuxserver/docker-swag.git synced 2026-02-09 14:34:14 +09:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update default.conf.sample to deny dotfile access

Browse Source 
Signed-off-by: Eric Nemchik <eric@nemchik.com>
This commit is contained in:
Eric Nemchik
2026-02-08 09:39:37 -06:00
parent 6182a75998
commit 716b1237c5
2 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
root/defaults/nginx/site-confs/default.conf.sample
View File

@@ -1,4 +1,4 @@
## Version 2025/07/18 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
## Version 2026/02/08 - Changelog: https://github.com/linuxserver/docker-swag/commits/master/root/defaults/nginx/site-confs/default.conf.sample
# redirect all traffic to https
server {
@@ -13,9 +13,9 @@ server {
# main server block
server {
listen 443 ssl default_server;
# listen 443 quic reuseport default_server;
listen [::]:443 ssl default_server;
# listen [::]:443 quic reuseport default_server;
#listen 443 quic reuseport default_server;
#listen [::]:443 quic reuseport default_server;
server_name _;
@@ -74,9 +74,17 @@ server {
include /etc/nginx/fastcgi_params;
}
# deny access to .htaccess/.htpasswd files
location ~ /\.ht {
# deny access to all dotfiles
location ~ /\. {
deny all;
log_not_found off;
access_log off;
return 404;
}
# Allow access to the ".well-known" directory
location ^~ /.well-known {
allow all;
}
}