feat: activate forbidden locations when the ENV is not local (#116)

Monska85 · Bladedu · web-flow · commit d4102593df7f · 2024-05-27T12:10:37.000+02:00
* feat: activate forbidden locations when the ENV is not local

* Disabled update.php path.

* Update templates/fragments/005-forbidden-locations.conf

---------

Co-authored-by: Marco Primitivo &lt;marco.primitivo@sparkfabrik.com&gt;
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -72,6 +72,12 @@ if [ -n "${NGINX_BASIC_AUTH_USER}" ] && [ -n "${NGINX_BASIC_AUTH_PASS}" ]; then
   fi
 fi
 
+# Activate the forbidden locations when the environment is not local
+if [ "${ENV:-}" != "loc" ]; then
+  print "Activating the forbidden locations"
+  cp /templates/fragments/005-forbidden-locations.conf /etc/nginx/conf.d/fragments/005-forbidden-locations.conf
+fi
+
 # Activate HSTS header (default: off)
 # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security
 # The suggested value for the max-age is 63072000 (2 years).
diff --git a/templates/fragments/005-forbidden-locations.conf b/templates/fragments/005-forbidden-locations.conf
@@ -0,0 +1,7 @@
+location = /core/install.php {
+  return 404;
+}
+
+location = /update.php {
+  return 404;
+}
