Created
June 10, 2013 12:58
-
-
Save jaxbot/5748513 to your computer and use it in GitHub Desktop.
Block nginx from serving .git directories
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
location ~ /\.git { | |
deny all; | |
} | |
# or, all . directories/files in general (including .htaccess, etc) | |
location ~ /\. { | |
deny all; | |
} |
Better don't spend resources for non-senses and return 444 that closes the connection, TCP RST is sent to the client, and all memory occupied by this socket is released.
location ~ /\. {
deny all;
return 444;
access_log off;
}
Worth noting that return 444;
just drops the connection (as far as I know) so, as @bsavelev mentioned, it might be better to return 404;
if you want it to look like .git
doesn't exist on the server.
Yes. I think it will be good to return 404
HTTP status code to let client side know requested resources are not found.
404 makes it such as if the resource is not even there. While otherwise h@ck0rs could potentially find files or directories by just looking at the HTTP status codes. Therefore, I do like 404
as well here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
nice