forked from extern/egroupware
* Docker: do not allow to call php files ment to be included only (src, setup, inc or vendor directories)
This commit is contained in:
parent
6d00d548a8
commit
497ea5f000
@ -35,6 +35,10 @@ server {
|
||||
alias /usr/share/egroupware/;
|
||||
try_files $uri $uri/ =404;
|
||||
location ~ ^/egroupware(/(?U).+\.php) {
|
||||
# do not allow to call files ment to be included only
|
||||
location ~ /(src|setup|inc|vendor)/ {
|
||||
return 403;
|
||||
}
|
||||
alias /usr/share/egroupware;
|
||||
fastcgi_pass fpm;
|
||||
# added to support WebDAV/CalDAV/CardDAV
|
||||
|
Loading…
Reference in New Issue
Block a user