prevent direct access to json files

2021-02-10 00:40:59 +03:00 · 2021-02-10 00:40:59 +03:00 · f8ffda26c7
commit f8ffda26c7
parent e251a14106
2 changed files with 2 additions and 2 deletions
--- a/.htaccess
+++ b/.htaccess
@ -28,7 +28,7 @@
    RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301]

    # Prevent Direct Access To modules/vendor Folders Except Assets
-    RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]
+    RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ / [L,R=301]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
--- a/nginx.example.com.conf
+++ b/nginx.example.com.conf
@ -32,7 +32,7 @@ server {
    }

    # Prevent Direct Access To modules/vendor Folders Except Assets
-    location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
+    location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
        deny all;
    }