From 08ade5cd1e7b4e6429fec3fd7fc1080decd3e3ac Mon Sep 17 00:00:00 2001 From: cwivagg Date: Sat, 7 Jan 2023 07:42:17 -0500 Subject: [PATCH] Update matomo-nginx.conf.j2 Fix security problems noted in https://github.com/iiab/iiab/issues/3441. --- roles/matomo/templates/matomo-nginx.conf.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/roles/matomo/templates/matomo-nginx.conf.j2 b/roles/matomo/templates/matomo-nginx.conf.j2 index 0a7b91609..8ec494bc0 100644 --- a/roles/matomo/templates/matomo-nginx.conf.j2 +++ b/roles/matomo/templates/matomo-nginx.conf.j2 @@ -10,6 +10,7 @@ location ~ ^/matomo(.*)\.php(.*)$ { fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; fastcgi_param PATH_INFO $2; + location ~ ^/matomo/(config|tmp|core|lang) { deny all; return 403; } } location ~ ^/matomo(/)? {