added new exceptions

.htaccess

@@ -12,13 +12,13 @@
     RewriteEngine On
 
     # Prevent Direct Access to Protected Files
-    <FilesMatch "(?i)(^artisan$|\.env|\.log)">
+    <FilesMatch "(?i)(^artisan$|\.env|\.json|\.log)">
         Order deny,allow
         Deny from all
     </FilesMatch>
 
     # Prevent Direct Access To Protected Folders
-    RewriteRule ^(app|bootstrap|config|database|resources|routes|storage|tests)/(.*) / [L,R=301]
+    RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301]
 
     # Prevent Direct Access To modules/vendor Folders Except Assets
     RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

nginx.example.com.conf

@@ -1,14 +1,14 @@
 server {
     listen 80 default_server;
     listen 443 ssl http2;
-    
+
     ssl_certificate /ssl/crt/file.crt;
     ssl_certificate_key /ssl/key/file.key;
-    
+
     server_name example.com;
 
     root /var/www/example.com/public_html;
-    
+
     add_header X-Frame-Options "SAMEORIGIN";
     add_header X-XSS-Protection "1; mode=block";
     add_header X-Content-Type-Options "nosniff";
@@ -22,20 +22,20 @@ server {
     }
 
     # Prevent Direct Access To Protected Files
-    location ~ \.(env|log) {
+    location ~ \.(env|json|log) {
         deny all;
     }
 
     # Prevent Direct Access To Protected Folders
-    location ~ ^/(^app$|bootstrap|config|database|resources|routes|storage|tests|artisan) {
+    location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) {
         deny all;
     }
- 
+
     # Prevent Direct Access To modules/vendor Folders Except Assets
     location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
         deny all;
     }
-    
+
     error_page 404 /index.php;
 
     # Pass PHP Scripts To FastCGI Server
@@ -50,4 +50,4 @@ server {
     location ~ /\.(?!well-known).* {
         deny all;
     }
-}
+}