Skip to content

Commit

Permalink
Fixes #59
Browse files Browse the repository at this point in the history
Tightened Apache directory permissions to deny access to dotfiles and system directories. This also fixes #59.
  • Loading branch information
shinsenter authored Feb 23, 2024
1 parent ed90244 commit ec6aac2
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 9 deletions.
4 changes: 4 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,10 @@

All notable changes to this project will be documented in this file.

## [5.0.2] - 2024-02-23

Tightened Apache directory permissions to deny access to dotfiles and system directories. This also fixes #59.

## [5.0.1] - 2024-02-16

We have made some minor improvements to the content of debug messages and variable naming.
Expand Down
14 changes: 5 additions & 9 deletions src/php/with-apache/rootfs/etc/apache2/apache2.conf
Original file line number Diff line number Diff line change
Expand Up @@ -167,17 +167,13 @@ Timeout 60
</Directory>

# Security settings
<FilesMatch "\.(ht.*|ini|log|sh|c)$">
Require all denied
<FilesMatch "^\.(ht|config|ssh|pem|key|pass|ini|log|sh|c)$">
Redirect 404 /
</FilesMatch>

<DirectoryMatch "/\.(?!well-known)">
Require all denied
</DirectoryMatch>

<FilesMatch "/\.(?!well-known)">
Require all denied
</FilesMatch>
<LocationMatch "(^|/)\.(?!well-known)">
Redirect 404 /
</LocationMatch>

# Set basic settings for document root
<Directory ${APP_PATH}>
Expand Down

0 comments on commit ec6aac2

Please sign in to comment.