Protect config files from public access

2016-03-01 14:38:12 +01:00 · 2016-03-01 14:38:12 +01:00 · 3be0a51c75
commit 3be0a51c75
parent d3003715dc
2 changed files with 9 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -52,6 +52,10 @@ server {
        deny all;
        return 403;
    }
+    location ^~ /webmum/config {
+        deny all;
+        return 403;
+    }
 }
 ```

@ -81,6 +85,10 @@ server {
        deny all;
        return 403;
    }
+    location ^~ /config {
+        deny all;
+        return 403;
+    }
 }
 ```

--- a/config/.htaccess
+++ b/config/.htaccess
@ -0,0 +1 @@
+Deny from all