From 1984e64ccdd7cbdb01957b349b79a9519a1b220a Mon Sep 17 00:00:00 2001 From: Jennie Robinson Faber Date: Tue, 31 Mar 2026 17:50:00 +0100 Subject: [PATCH] Add configuration to block access to hidden files in nginx --- .cursorignore | 9 +++++++++ .cursorindexingignore | 9 +++++++++ nginx.conf | 6 ++++++ scripts/.cursorignore | 9 +++++++++ scripts/.cursorindexingignore | 9 +++++++++ 5 files changed, 42 insertions(+) create mode 100644 .cursorignore create mode 100644 .cursorindexingignore create mode 100644 scripts/.cursorignore create mode 100644 scripts/.cursorindexingignore diff --git a/.cursorignore b/.cursorignore new file mode 100644 index 0000000..9d5b640 --- /dev/null +++ b/.cursorignore @@ -0,0 +1,9 @@ +.env* +*.pem +*.key +*.p12 +*.pfx +*.crt +*.cert +credentials.* +secrets.* diff --git a/.cursorindexingignore b/.cursorindexingignore new file mode 100644 index 0000000..9d5b640 --- /dev/null +++ b/.cursorindexingignore @@ -0,0 +1,9 @@ +.env* +*.pem +*.key +*.p12 +*.pfx +*.crt +*.cert +credentials.* +secrets.* diff --git a/nginx.conf b/nginx.conf index 344362f..047714a 100644 --- a/nginx.conf +++ b/nginx.conf @@ -47,6 +47,12 @@ http { add_header Cache-Control "public"; } + # Block access to hidden files (especially .git) + location ~ /\. { + deny all; + return 404; + } + # Health check location = /api/health { proxy_pass http://outline; diff --git a/scripts/.cursorignore b/scripts/.cursorignore new file mode 100644 index 0000000..9d5b640 --- /dev/null +++ b/scripts/.cursorignore @@ -0,0 +1,9 @@ +.env* +*.pem +*.key +*.p12 +*.pfx +*.crt +*.cert +credentials.* +secrets.* diff --git a/scripts/.cursorindexingignore b/scripts/.cursorindexingignore new file mode 100644 index 0000000..9d5b640 --- /dev/null +++ b/scripts/.cursorindexingignore @@ -0,0 +1,9 @@ +.env* +*.pem +*.key +*.p12 +*.pfx +*.crt +*.cert +credentials.* +secrets.*