Merge pull request #1704 from celly/lighttpd-hide-files

Exclude files from Web Admin that should not be accessible.
7 years ago · f0f7bda2f3
parent aa1d67a4de 3f20981aab
commit f0f7bda2f3
2 changed files with 12 additions and 2 deletions
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@ -41,7 +41,7 @@ accesslog.format            = "%{%s}t|%V|%r|%s|%b"


 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
-url.access-deny             = ( "~", ".inc" )
+url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

 compress.cache-dir          = "/var/cache/lighttpd/compress/"
@ -66,5 +66,10 @@ $HTTP["url"] =~ "^/admin/" {
    }
 }

+# Block . files from being served, such as .git, .github, .gitignore
+$HTTP["url"] =~ "^/admin/\.(.*)" {
+     url.access-deny = ("")
+}
+
 # Add user chosen options held in external file
 include_shell "cat external.conf 2>/dev/null"
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@ -42,7 +42,7 @@ accesslog.format            = "%{%s}t|%V|%r|%s|%b"


 index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
-url.access-deny             = ( "~", ".inc" )
+url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
 static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

 compress.cache-dir          = "/var/cache/lighttpd/compress/"
@ -85,5 +85,10 @@ $HTTP["url"] =~ "^/admin/" {
    }
 }

+# Block . files from being served, such as .git, .github, .gitignore
+$HTTP["url"] =~ "^/admin/\.(.*)" {
+     url.access-deny = ("")
+}
+
 # Add user chosen options held in external file
 include_shell "cat external.conf 2>/dev/null"