Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Deny commonly used security-probing things that spam up log files (for a Rails app)
location ~ ^/(wp-admin|wp-login\.php|priv\.dog|companies\/sidekick) {
deny all;
break;
}
# file extensions that should never be served, this prevents
# potential malicious downloads in case someone manages to manipulate
# a Rails URL or write a file that can be served
# (~* matches case-insensitive)
location ~* \.(?:git|svn|DS_Store|asp|aspx|cgi|pt|pl|idx|php|exe|scpt|AppleScript|dll|dmg|pif|msi|application|msp|com|scr|hta|cpl|gadget|msc|jar|bat|vb|vbs|vbe|ws|wsh|inf|lnk|reg|scf|wsc|wsh|ps1|ps1xml|ps2|ps2xml|psc1|psc2|msh|msh1|msh2|mshxml|msh1xml|msh2xml)$ {
deny all;
break;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.