Server config analysis engine in Nginx Amplify fails to recognize regex pattern

Juliy V. Chirkov juliyvchirkov at gmail.com
Sat May 28 13:25:58 UTC 2022


Hi guys

Seems server config analysis engine in Nginx Amplify fails to recognize
common regex pattern

Server config analysis reports

——————
Regex location has no regex pattern

Regex location has a valid modifier, but does not have a regex pattern.
Performance-wise it is more efficient to configure exact or prefix matching
for locations that do not require regex matching. It is also less prone to
errors. Please refer to the documentation describing location directive to
learn more.

Check the following files:
/etc/nginx/conf.d/location.common.conf, line 11
-------------

While line 11 of that file indeed does contain regex pattern: location ~
"/\." {

I.e. any file or folder which name starts with dot. The goal is to protect
dot files like .env from public access. The complete rule follows

location ~ "/\." {
    return 444;
}

--
Juliy V. Chirkov
https://juliyvchirkov.github.io
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx-devel/attachments/20220528/6dd34381/attachment.htm>


More information about the nginx-devel mailing list