Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NginX: Restrict access to sensitive directories #24

Open
xurizaemon opened this issue May 11, 2015 · 0 comments
Open

NginX: Restrict access to sensitive directories #24

xurizaemon opened this issue May 11, 2015 · 0 comments

Comments

@xurizaemon
Copy link

Discussed in #21

  • NginX does not respect .htaccess
  • Solution (until we move sensitive directories from webroot) is to use nginx config to prevent access
  • Directory paths are specific to CMS (eg sites//files/civicrm/ versus wp-content/something)
  • But since the risk of collision is low and AMP is targeted at local use, IMO it's OK to block the lot.
xurizaemon pushed a commit to xurizaemon/amp that referenced this issue May 11, 2015
Refs amp-cli#24. NginX: Do not permit access for Drupal files directory.
764384d 
WIP, needs additional paths for other CMS.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@xurizaemon