diff --git a/conf/nginx-primaryonly.conf b/conf/nginx-primaryonly.conf index 2ad5d7d3..2ecd0716 100644 --- a/conf/nginx-primaryonly.conf +++ b/conf/nginx-primaryonly.conf @@ -24,6 +24,7 @@ # /cloud/index.php/apps/files/ # /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d) # /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240) + # /cloud/remote.php/webdav/yourfilehere... include fastcgi_params; fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2; fastcgi_param SCRIPT_NAME $1$2; diff --git a/conf/nginx.conf b/conf/nginx.conf index bf204a6a..8c480ec3 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -54,13 +54,6 @@ server { alias /var/lib/mailinabox/mozilla-autoconfig.xml; } - # Disable viewing dotfiles (.htaccess, .svn, .git, etc.) - location ~ /\.(ht|svn|git|hg|bzr) { - log_not_found off; - access_log off; - deny all; - } - # Roundcube Webmail configuration. rewrite ^/mail$ /mail/ redirect; rewrite ^/mail/$ /mail/index.php; @@ -106,4 +99,18 @@ server { # ADDITIONAL DIRECTIVES HERE + + # Disable viewing dotfiles (.htaccess, .svn, .git, etc.) + # This block is placed at the end. Nginx's precedence rules means this block + # takes precedence over all non-regex matches and only regex matches that + # come after it (i.e. none of those, since this is the last one.) That means + # we're blocking dotfiles in the static hosted sites but not the FastCGI- + # handled locations for ownCloud (which serves user-uploaded files that might + # have this pattern, see #414) or some of the other services. + location ~ /\.(ht|svn|git|hg|bzr) { + log_not_found off; + access_log off; + deny all; + } + }