Sanity check of my config - is it secure?

On Thu, May 26, 2011 at 04:10:23PM -0400, benseb wrote:

Thanks people

So there’s no way to say “If the file ISN’T a jpeg/gif/css/js” deny. The
only way is to say ‘if .php’ deny, ‘if .txt deny’ etc?

I’d prefer to whitelist the files I DO want to return and block
everything else, in case I forget something to block?

As it was already suggested:

location ~* \.(jpe?g|png|gif)$ {
    root …
}

location / {
    return 444;
}


Igor S.

On Sun, May 22, 2011 at 05:48:42PM +0100, Nuno Magalhes wrote:

^~ /(applets|css)/
The fewer regex locations you have in the configuration, the better.
The best case is zero regex locations.


Igor S.
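
Taking the two replies above together, a whitelist can also be written with prefix locations only, when the public files live in known directories. This is an added example, not a configuration posted in the thread; the server name, document root, the /images/ directory and the favicon entry are assumptions.

```nginx
server {
    listen 80;
    server_name example.test;      # placeholder name (assumption)
    root /var/www/site;            # assumed document root

    # Whitelist by directory using plain prefix locations, no regex.
    # /applets/ and /css/ are the directory names from the thread;
    # /images/ is an assumed third directory.
    # Prefix strings are compared literally, so each directory gets its
    # own location: "(applets|css)" in a prefix location is not treated
    # as an alternation.
    location /applets/ { }
    location /css/     { }
    location /images/  { }

    # Exact match for one whitelisted file (hypothetical).
    location = /favicon.ico { }

    # Anything not listed above: close the connection without a response.
    location / {
        return 444;
    }
}
```

Files under a whitelisted directory are sent as static content whatever their extension, so those directories must hold only files meant to be public.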
