SECURITY: prevent direct download of backups

This commit is contained in:
Régis Hanol 2014-12-03 12:47:28 +01:00
parent 8ab32396a7
commit acc62f2ec2
1 changed files with 5 additions and 0 deletions

View File

@ -58,6 +58,11 @@ server {
# further more etags are based on the file in nginx not sha of data
# use dates, it solves the problem fine even cross server
etag off;
# prevent direct download of backups
location ^~ /backups/ {
internal;
}
location / {
root $public;