docs: update the non-standard code configuration to forbid access to .env and .git

docs: fix invalid JSON on example easywaf-config.json file
2024-09-10 19:43:13 +02:00 · 2024-09-10 19:37:39 +02:00
1 changed files with 2 additions and 2 deletions
--- a/pages/docs/mod-notes.md
+++ b/pages/docs/mod-notes.md
@ -57,7 +57,7 @@ If you're using SVR.JS behind a reverse proxy, you need to configure _trustProxy
 Example _easywaf-config.json_ file:
 ```json
 {
-  "modules" : {
+  "modules": {
    "xss": {
      "excludePaths": "/^\\/(?:git\\/)?(?:(?!\\.git).)*\\.git\\/|^\\/(?:(?:navbar-)?logo|powered).png$/"
    },
@ -109,7 +109,7 @@ It's also recommended to forbid the access to ".env" file and ".git" directories
  "nonStandardCodes": [
    {
      "scode": 403,
-      "regex": "/^\\/\\.env(?:\\.local)?(?:$|[#?])/"
+      "regex": "/^\\/\\.env(?:\\.local|\\.production)?(?:$|[#?])/"
    },
    { 
      "scode": 403,
Author	SHA1	Message	Date
Dorian Niemiec	1a4fb6246b	docs: update the non-standard code configuration to forbid access to .env and .git Some checks failed Deploy Next.js application / deploy (push) Has been cancelled Details	2024-09-10 19:43:13 +02:00
Dorian Niemiec	b7e2ec9d63	docs: fix invalid JSON on example easywaf-config.json file	2024-09-10 19:37:39 +02:00