SECURITY: prevent direct download of backups

2024-11-22 12:12:26 +08:00 · 2014-12-03 12:47:28 +01:00 · 2014-12-03 12:47:28 +01:00 · acc62f2ec2
commit acc62f2ec2
parent 8ab32396a7
1 changed files with 5 additions and 0 deletions
--- a/config/nginx.sample.conf
+++ b/config/nginx.sample.conf
@ -58,6 +58,11 @@ server {
  # further more etags are based on the file in nginx not sha of data
  # use dates, it solves the problem fine even cross server
  etag off;
+  
+  # prevent direct download of backups
+  location ^~ /backups/ {
+    internal;
+  }

  location / {
    root $public;