Ops One AG

You can subscribe via email or RSS

Tuesday 27th March 2018

Managed Server Version 5: add global nginx config to disallow access to certain TYPO3 locations, scheduled 9 months ago

After removing a whole deny block yesterday, we discovered that this might led to open access to certain directories we missed in our previous investigation.

Therefore, we have added the following location to the global nginx configuration again:

location ~* "(?i)((.*typo3(conf)?)\/(|.*\/)((private|test|build)\/).*)" {
  deny all;
}