From 9f5874aecf96b8f3b528f1037f39d6487d896a88 Mon Sep 17 00:00:00 2001
From: Eclair5748 <lolcat.whp7h@simplelogin.com>
Date: Fri, 19 Apr 2024 11:59:49 +1000
Subject: docker: restrict access to private resources

addresses issue #3
---
 docker/apache/http.conf | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'docker/apache/http.conf')

diff --git a/docker/apache/http.conf b/docker/apache/http.conf
index 24bb1d2..f496ba5 100644
--- a/docker/apache/http.conf
+++ b/docker/apache/http.conf
@@ -16,11 +16,19 @@ ErrorLog /dev/null
     RewriteRule ^ http://%{HTTP_HOST}/%1 [R=301]
     RewriteCond %{REQUEST_FILENAME}.php -f
     RewriteRule .* $0.php
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
 </Directory>
 
+# deny access to private resources
+<Directory "/var/www/html/4get/data">
+    Require all denied
+    <Files "*">
+        Require all denied
+    </Files>
+</Directory>
+
 LoadModule rewrite_module modules/mod_rewrite.so
 LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
 LoadModule authn_file_module modules/mod_authn_file.so
-- 
cgit v1.2.3