Skip to content

Commit

Permalink
nextcloud: Restrict access to status pages.
Browse files Browse the repository at this point in the history
  • Loading branch information
JGoutin committed Aug 26, 2024
1 parent b5e29a1 commit 36c6ed2
Showing 1 changed file with 17 additions and 0 deletions.
17 changes: 17 additions & 0 deletions roles/nextcloud/files/nginx-site-nextcloud.j2
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,23 @@
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }

# Restrict status pages access
location = /status.php {
access_log off;
{% if common_netdata_enable is defined -%}
allow ::1;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_pass php-handler;
{%- endif %}
deny all;
}
location = /ocs/v2.php/apps/serverinfo/api/v1/info {
access_log off;
deny all;
}

# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
Expand Down

0 comments on commit 36c6ed2

Please sign in to comment.