feat: block dotfile requests across all sites
Test nginx configuration / Static Analysis (push) Failing after 4s
Test nginx configuration / nginx Syntax Check (push) Successful in 20s
Security Scan and Upload / Security & DefectDojo Upload (push) Successful in 1m8s

Adds a deny-dotfiles snippet that returns 403 for any URI matching /\.
(e.g. .gitconfig, .env, .git/) and includes it in every server block.
This commit is contained in:
2026-03-18 11:31:02 -07:00
committed by Naomi Carrigan
parent 1d24a85e07
commit fc252e28e2
34 changed files with 108 additions and 0 deletions
+1
View File
@@ -10,4 +10,5 @@ server {
proxy_pass http://127.0.0.1:12321;
proxy_redirect off;
}
include /etc/nginx/snippets/deny-dotfiles.conf;
}