From a970219d61204b2e8e5d937d448ac25c44ce5fd0 Mon Sep 17 00:00:00 2001
From: Andreas Fischer <bantu@phpbb.com>
Date: Mon, 24 Jan 2011 17:35:10 +0100
Subject: [PATCH] [ticket/10007] Add directive 'internal' to blocked folders in
 nginx config.

The "deny" and "access" directives are IP-based in general. Both directives
only support IPv6 from nginx 0.8.22 onwards, on older versions of nginx those
directives have no effect on IPv6 requests. Thus they do not block access for
IPv6 requests.

Adding the "internal" directive blocks external access in general (both IPv4
and IPv6) and makes the web server return a status code 404 (Not Found)
response.

See:
http://nginx.org/en/CHANGES
http://wiki.nginx.org/HttpCoreModule#internal

PHPBB3-10007
---
 phpBB/docs/nginx.sample.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/phpBB/docs/nginx.sample.conf b/phpBB/docs/nginx.sample.conf
index a22a126ff4..2a11e057c5 100644
--- a/phpBB/docs/nginx.sample.conf
+++ b/phpBB/docs/nginx.sample.conf
@@ -45,6 +45,7 @@ http {
 
         # Deny access to internal phpbb files.
         location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) {
+            internal;
             deny all;
         }
 
@@ -59,6 +60,7 @@ http {
 
         # Deny access to version control system directories.
         location ~ /\.svn|/\.git {
+            internal;
             deny all;
         }
     }