Nginx.conf Expose to Public

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator Jan Dembowski

    (@jdembowski)

    Forum Moderator and Brute Squad

    You’ll need to ask your host provider. There is no reason why your nginx.conf file should be served that way.

    Thread Starter somaxfx

    (@somaxfx)

    Thanks for your honest reply. Really helped

    jejani

    (@jejani)

    @somaxfx,

    You should deny public access to that file using your Nginx server block rules, the permissions 644 is not secure (nor any XXX permission level really):

    ## block public access to nginx.conf
location = /nginx.conf {
        deny all;
    }

    More info about Unix file permissions and their differences:

    https://linuxcommand.org/lts0070.php

    Thread Starter somaxfx

    (@somaxfx)

    @jesse

    thanks

    you’re my man

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Nginx.conf Expose to Public’ is closed to new replies.