docs: fix invalid JSON on example easywaf-config.json file

docs: add a security recommendation to notes for Next.js integration mod
2024-09-10 19:38:17 +02:00 · 2024-09-10 19:36:05 +02:00
1 changed files with 19 additions and 1 deletions
--- a/source/mods.md
+++ b/source/mods.md
@ -67,7 +67,7 @@ If you're using SVR.JS behind a reverse proxy, you need to configure _trustProxy
 Example _easywaf-config.json_ file:
 ```json
 {
-  "modules" : {
+  "modules": {
    "xss": {
      "excludePaths": "/^\\/(?:git\\/)?(?:(?!\\.git).)*\\.git\\/|^\\/(?:(?:navbar-)?logo|powered).png$/"
    },
@ -107,6 +107,24 @@ _View the [change log.](/greenrhombus-changelog)_
 The webroot (_wwwroot_ _config.json_ property) serves as a Next.js application directory. It's recommended to set the owner of the Next.js application directory (around with all the files in it) as the user, on which SVR.JS is running (usually "svrjs"). Setting a `NODE_ENV` environment variable to `development` in SVR.JS configuration enables Next.js development server.
 It's also recommended to forbid the access to ".env" file and ".git" directories, in case Next.js integration mod fails to load. You can set up _nonStandardCodes_ _config.json_ property like this:
 ```json
 {
  "nonStandardCodes": [
    {
      "scode": 403,
      "regex": "/^\\/\\.env(?:\\.local)?(?:$|[#?])/"
    },
    { 
      "scode": 403,
      "regex": "/^\\/\\.git/"
    },
    ...other non-standard codes...
  ],
  ...other config.json properties...
 }
 ```
 _View the [change log.](/nextjs-integration-changelog)_
 ### OrangeCircle
Author	SHA1	Message	Date
Dorian Niemiec	5ea8f52324	docs: fix invalid JSON on example easywaf-config.json file	2024-09-10 19:38:17 +02:00
Dorian Niemiec	c95cc32122	docs: add a security recommendation to notes for Next.js integration mod	2024-09-10 19:36:05 +02:00