Created
June 10, 2013 12:58
-
-
Save jaxbot/5748513 to your computer and use it in GitHub Desktop.
Block nginx from serving .git directories
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| location ~ /\.git { | |
| deny all; | |
| } | |
| # or, all . directories/files in general (including .htaccess, etc) | |
| location ~ /\. { | |
| deny all; | |
| } |
nice
Better don't spend resources for non-senses and return 444 that closes the connection, TCP RST is sent to the client, and all memory occupied by this socket is released.
location ~ /\. {
deny all;
return 444;
access_log off;
}
Worth noting that return 444; just drops the connection (as far as I know) so, as @bsavelev mentioned, it might be better to return 404; if you want it to look like .git doesn't exist on the server.
Yes. I think it will be good to return 404 HTTP status code to let client side know requested resources are not found.
404 makes it such as if the resource is not even there. While otherwise h@ck0rs could potentially find files or directories by just looking at the HTTP status codes. Therefore, I do like 404 as well here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I'm with @bsavelev - I hand back a 404, it is cleaner
location ~ /.git {
return 404
deny;
}
Sorry for the raw code, but If I tried to wrap it in a pair of
tagsI lose the layout?!