From 4345e41e97f980021e1443c21875a0b889b474dc Mon Sep 17 00:00:00 2001
From: Thomas Backlund <tmb@mageia.org>
Date: Tue, 4 Sep 2018 23:26:18 +0259
Subject: apache: protect any hidden files or dirs with 404

---
 modules/apache/manifests/base.pp                 | 3 +++
 modules/apache/templates/no_hidden_file_dir.conf | 4 ++++
 2 files changed, 7 insertions(+)
 create mode 100644 modules/apache/templates/no_hidden_file_dir.conf

diff --git a/modules/apache/manifests/base.pp b/modules/apache/manifests/base.pp
index a24040e3..b24b740e 100644
--- a/modules/apache/manifests/base.pp
+++ b/modules/apache/manifests/base.pp
@@ -31,6 +31,9 @@ class apache::base {
     }
 
     apache::config {
+        "${conf_d}/no_hidden_file_dir.conf":
+            content => template('apache/no_hidden_file_dir.conf'),
+            require => Package[$apache::var::pkg_conf];
         "${conf_d}/customization.conf":
             content => template('apache/customization.conf'),
             require => Package[$apache::var::pkg_conf];
diff --git a/modules/apache/templates/no_hidden_file_dir.conf b/modules/apache/templates/no_hidden_file_dir.conf
new file mode 100644
index 00000000..18da03cd
--- /dev/null
+++ b/modules/apache/templates/no_hidden_file_dir.conf
@@ -0,0 +1,4 @@
+#
+# dont serve up any hidden files or dirs like .git*, .svn, ...
+#
+RedirectMatch 404 /\..*$
\ No newline at end of file
-- 
cgit v1.2.1