From 9f5874aecf96b8f3b528f1037f39d6487d896a88 Mon Sep 17 00:00:00 2001
From: Eclair5748 <lolcat.whp7h@simplelogin.com>
Date: Fri, 19 Apr 2024 11:59:49 +1000
Subject: docker: restrict access to private resources

addresses issue #3
---
 docker/apache/https.conf | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'docker/apache/https.conf')

diff --git a/docker/apache/https.conf b/docker/apache/https.conf
index db032dd..ca5edf5 100644
--- a/docker/apache/https.conf
+++ b/docker/apache/https.conf
@@ -21,12 +21,18 @@ ErrorLog /dev/null
     RewriteRule ^ http://%{HTTP_HOST}/%1 [R=301]
     RewriteCond %{REQUEST_FILENAME}.php -f
     RewriteRule .* $0.php
-    Options Indexes FollowSymLinks
+    Options FollowSymLinks
     AllowOverride None
     Require all granted
 </Directory>
 
-
+# deny access to private resources
+<Directory "/var/www/html/4get/data">
+    Require all denied
+    <Files "*">
+        Require all denied
+    </Files>
+</Directory>
 
 LoadModule rewrite_module modules/mod_rewrite.so
 LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
-- 
cgit v1.2.3