Created
June 10, 2013 12:58
-
-
Save jaxbot/5748513 to your computer and use it in GitHub Desktop.
Block nginx from serving .git directories
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
location ~ /\.git { | |
deny all; | |
} | |
# or, all . directories/files in general (including .htaccess, etc) | |
location ~ /\. { | |
deny all; | |
} |
404 makes it such as if the resource is not even there. While otherwise h@ck0rs could potentially find files or directories by just looking at the HTTP status codes. Therefore, I do like 404
as well here.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Yes. I think it will be good to return
404
HTTP status code to let client side know requested resources are not found.