From 9c7058176bd147e5d3181516b0ae2ff88d71cc56 Mon Sep 17 00:00:00 2001 From: Alexey Pustovalov Date: Fri, 6 Jan 2023 13:28:45 +0900 Subject: [PATCH] Disallow access to vendor directory on Nginx --- Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf | 2 +- Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf | 2 +- Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf | 2 +- Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf | 2 +- Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf | 2 +- .../web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf | 2 +- 18 files changed, 18 insertions(+), 18 deletions(-) diff --git a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-mysql/alpine/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-mysql/centos/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-mysql/ol/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-mysql/rhel/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-mysql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-pgsql/alpine/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-pgsql/centos/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-pgsql/ol/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf index 46d0a1f65..dbb3ebecd 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx.conf @@ -41,7 +41,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; } diff --git a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf index 056d1354c..e37876913 100644 --- a/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf +++ b/Dockerfiles/web-nginx-pgsql/ubuntu/conf/etc/zabbix/nginx_ssl.conf @@ -68,7 +68,7 @@ server { expires 14d; } - location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/) { + location ~ /(app\/|conf[^\.]|include\/|local\/|locale\/|vendor\/) { deny all; return 404; }