From f37cd307a12ef512ca292e7b4a6814b25f36757b Mon Sep 17 00:00:00 2001
From: William Le <will@place.technology>
Date: Mon, 23 May 2022 10:03:24 +0800
Subject: [PATCH] chore(security): don't serve hidden files/folders like .git/

---
 config/nginx.conf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/config/nginx.conf b/config/nginx.conf
index c5beba8..cd25a17 100644
--- a/config/nginx.conf
+++ b/config/nginx.conf
@@ -132,5 +132,10 @@ http {
             root /etc/nginx/html;
             try_files $uri $uri/index.html =404;
         }
+        
+        # Deny .* (e.g. .git/)
+        location ~ /\. {
+          deny all;
+        }
     }
 }