[Request] [Needful] Add an option to remove the "deny all;" for dotted locations
Hello,
My request follow this old one: 4551
It concern at least ISPConfig 3.1.15p3 with Nginx.
I use websites as an easy proxy configuration tool for applications running on the server, in this case a Gitbucket server for versioning.
If I try to view or edit hidden dot-files or folders directly on the website the dotted names are in the URL and there is a location modifier rule in ISPConfig that block all connections to it:
location ~ /\. {
deny all;
}
The issue is that this modifier can only be overwritten by an exact match (=) or a non regular expression modifier (^~).
In some cases, like Gitbucket, if the first part of the URL is customized for some reason, here it is the username of the user and then /tree or /blob, so we can not use "^~", we need regular expressions and it will not overwrite.
Example of URL : https://git.domain.tld/User/project/blob/master/.hiddenfolder/.hiddenfile
I think that in the exact case where nginx is just being a proxy there is no security issue to let the administrator or the user to disable this rule.
But this option need to be per website because I use some of them as regular website server.
I don't know enough about the architecture of ISPC to make a commit.
Thanks in advance.
Kind regards, Tomasz