Update default.conf.sample to deny dotfile access#31
Conversation
Signed-off-by: Eric Nemchik <eric@nemchik.com>
|
This pull request has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions. |
|
I am a bot, here are the test results for this PR:
|
Signed-off-by: Eric Nemchik <eric@nemchik.com>
There was a problem hiding this comment.
Pull request overview
Updates the bundled Nginx sample site configuration to block access to dotfiles by default (while carving out an exception for /.well-known), and documents the change in the project changelog.
Changes:
- Add Nginx rules to allow
/.well-knownwhile denying all other dotfile paths. - Remove the prior
.ht*-only deny block in favor of a broader dotfile deny. - Add a changelog entry describing the required user action.
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| root/defaults/nginx/site-confs/default.conf.sample | Adds /.well-known allow and a general dotfile deny rule; minor formatting change in the /api/ block. |
| readme-vars.yml | Adds a changelog entry instructing existing users to update their Nginx site config for dotfile denial. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| # Allow access to the ".well-known" directory | ||
| location ^~ /.well-known { | ||
| allow all; | ||
| } | ||
|
|
|
|
||
| location /api/ { | ||
| rewrite /foo/(.*) /$1 break; | ||
| rewrite /foo/(.*) /$1 break; |
|
I am a bot, here are the test results for this PR:
|
|
I am a bot, here are the test results for this PR for commit 30f93d7 :
|
No description provided.