Don't Accidentally Serve Dotfiles With Nginx

View on Twitter

💡 When serving your frontend app directly through Nginx, make sure to not accidentally expose any dotfiles.

👉🏼 Add a location directive to your server configuration to block access to all hidden files.

$Add deny all inside a location block matching ~ /\.(?!well-known) paths to not serve dotfiles in your project.$

A preview of the VPS Security Cheatsheet.

Download the VPS Security Cheatsheet

No spam! 🙅🏻‍♀️ Unsubscribe at any time.