feat: activate forbidden locations when the ENV is not local (#116)

* feat: activate forbidden locations when the ENV is not local * Disabled update.php path. * Update templates/fragments/005-forbidden-locations.conf --------- Co-authored-by: Marco Primitivo <marco.primitivo@sparkfabrik.com>
sparkfabrik · May 27, 2024 · d410259 · d410259
1 parent 52cb1b7
commit d410259
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -72,6 +72,12 @@ if [ -n "${NGINX_BASIC_AUTH_USER}" ] && [ -n "${NGINX_BASIC_AUTH_PASS}" ]; then
   fi
 fi
 
+# Activate the forbidden locations when the environment is not local
+if [ "${ENV:-}" != "loc" ]; then
+  print "Activating the forbidden locations"
+  cp /templates/fragments/005-forbidden-locations.conf /etc/nginx/conf.d/fragments/005-forbidden-locations.conf
+fi
+
 # Activate HSTS header (default: off)
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
 # The suggested value for the max-age is 63072000 (2 years).

diff --git a/templates/fragments/005-forbidden-locations.conf b/templates/fragments/005-forbidden-locations.conf
@@ -0,0 +1,7 @@
+location = /core/install.php {
+  return 404;
+}
+
+location = /update.php {
+  return 404;
+}