Whitelist urls instead of blacklist
parent
efcdac82e3
commit
fe0376bb42
2 changed files with 7 additions and 15 deletions
11
.htaccess
11
.htaccess
|
@ -12,19 +12,16 @@
|
|||
RewriteEngine On
|
||||
RewriteBase /
|
||||
|
||||
# Deny access to framework directories
|
||||
RewriteRule ^(app|bootstrap|config|database|resources|storage|tests|vendor|node_modules)/ - [R=404,L,NC]
|
||||
|
||||
# And dot files/folders (for example .env)
|
||||
RedirectMatch 404 /\..*$
|
||||
|
||||
# Redirect Trailing Slashes...
|
||||
RewriteRule ^(.*)/$ /$1 [L,R=301]
|
||||
|
||||
# Whitelist only index.php, robots.txt, and those start with public/ or api/
|
||||
RewriteRule ^(?!($|index\.php|robots\.txt|(public|api)/)) - [R=404,L]
|
||||
|
||||
# Handle Front Controller...
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteRule ^ index.php [L]
|
||||
RewriteRule .* index.php [L]
|
||||
|
||||
# https://github.com/tymondesigns/jwt-auth/wiki/Authentication
|
||||
RewriteCond %{HTTP:Authorization} ^(.*)
|
||||
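Review bot: The whitelist on the `RewriteRule ^(?!($|index\.php|robots\.txt|(public|api)/)) - [R=404,L]` line matches `index\.php` and `robots\.txt` as prefixes rather than whole names, so a sibling file in the web root whose name merely starts with one of them (a constructed example: `index.php.bak`) passes the check. Anchoring the names closes that, for example `RewriteRule ^(?!($|index\.php$|robots\.txt$|(public|api)/)) - [R=404,L]`, or `index\.php(/|$)` if PATH_INFO-style URLs are in use. The dot-file rule `RedirectMatch 404 /\..*$` appears to be dropped by this commit. It also covered dot paths below `public/` and `api/`, which the whitelist lets through, so it is worth keeping next to the whitelist as a second layer.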
|
|
|
@ -4,14 +4,9 @@ server {
|
|||
root /var/www/koel;
|
||||
index index.php;
|
||||
|
||||
# Deny access to dotfiles
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# Deny access to framework directories
|
||||
location ~ /(app|bootstrap|config|database|resources|storage|tests|vendor|node_modules)/ {
|
||||
deny all;
|
||||
# Whitelist only index.php, robots.txt, and those start with public/ or api/
|
||||
if ($request_uri !~ ^/$|index\.php|robots\.txt|api/|public/) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location /media/ {
|
||||
|
|
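Review bot: The regex in `if ($request_uri !~ ^/$|index\.php|robots\.txt|api/|public/)` anchors only its first alternative; the other four match anywhere in `$request_uri`, which is the raw request line including the query string. A request for a path outside the intended whitelist therefore passes whenever one of those strings occurs anywhere in the URI, and the dotfile and framework-directory `deny all` blocks that would have caught it appear to be removed in this same hunk. Grouping and anchoring the alternatives gives the behaviour the comment describes: `if ($request_uri !~ ^/($|index\.php|robots\.txt|(api|public)/)) {`. Keeping the `location ~ /\. { deny all; }` block alongside the whitelist would still cover dot paths under `public/` and `api/`. The `server` block starts and continues outside the hunk, so how later `location` blocks interact with this check cannot be seen from here.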