makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-08 04:18:52 +00:00
Code Issues Projects Releases Packages Wiki Activity

[ticket/10007] Add directive 'internal' to blocked folders in nginx config.

Browse source 
The "deny" and "access" directives are IP-based in general. Both directives
only support IPv6 from nginx 0.8.22 onwards, on older versions of nginx those
directives have no effect on IPv6 requests. Thus they do not block access for
IPv6 requests.

Adding the "internal" directive blocks external access in general (both IPv4
and IPv6) and makes the web server return a status code 404 (Not Found)
response.

See:
http://nginx.org/en/CHANGES
http://wiki.nginx.org/HttpCoreModule#internal

PHPBB3-10007
This commit is contained in:
Andreas Fischer 2011-01-24 17:35:10 +01:00
parent e1e84f9bd0
commit a970219d61
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/docs/nginx.sample.conf
View file

@ -45,6 +45,7 @@ http {
# Deny access to internal phpbb files. # Deny access to internal phpbb files.
location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) { location ~ /(config\.php|common\.php|includes|cache|files|store|images/avatars/upload) {
internal;
deny all; deny all;
} }
@ -59,6 +60,7 @@ http {
# Deny access to version control system directories. # Deny access to version control system directories.
location ~ /\.svn|/\.git { location ~ /\.svn|/\.git {
internal;
deny all; deny all;
} }
} }