Compare commits
No commits in common. "1a4fb6246b21c1d9fc16dfcc0aeeba885aa8713b" and "1b8d8705f4eb707f44ac5f7c815603819e1bc4b3" have entirely different histories.
1a4fb6246b
...
1b8d8705f4
1 changed files with 2 additions and 2 deletions
|
|
@ -57,7 +57,7 @@ If you're using SVR.JS behind a reverse proxy, you need to configure _trustProxy
|
||||||
Example _easywaf-config.json_ file:
|
Example _easywaf-config.json_ file:
|
||||||
```json
|
```json
|
||||||
{
|
{
|
||||||
"modules": {
|
"modules" : {
|
||||||
"xss": {
|
"xss": {
|
||||||
"excludePaths": "/^\\/(?:git\\/)?(?:(?!\\.git).)*\\.git\\/|^\\/(?:(?:navbar-)?logo|powered).png$/"
|
"excludePaths": "/^\\/(?:git\\/)?(?:(?!\\.git).)*\\.git\\/|^\\/(?:(?:navbar-)?logo|powered).png$/"
|
||||||
},
|
},
|
||||||
|
|
@ -109,7 +109,7 @@ It's also recommended to forbid the access to ".env" file and ".git" directories
|
||||||
"nonStandardCodes": [
|
"nonStandardCodes": [
|
||||||
{
|
{
|
||||||
"scode": 403,
|
"scode": 403,
|
||||||
"regex": "/^\\/\\.env(?:\\.local|\\.production)?(?:$|[#?])/"
|
"regex": "/^\\/\\.env(?:\\.local)?(?:$|[#?])/"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"scode": 403,
|
"scode": 403,
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue