Configure security rules in Dokuwiki to protect configuration and data files

Original link:

Since the file path of dokuwiki will be placed in several directories such as data/conf/bin by default, if you do not protect the corresponding files, if someone knows dokuwiki, it can bypass your dokuwiki and read the wiki directly Content.

And when you don’t protect it, Dokuwiki will also show that your configuration is not secure in the configuration.

To enable Nginx protection, you need to add the following code to the Nginx configuration file.

 location ~ /(data|conf|bin|inc|vendor)/ { deny all; }

After the addition is complete, execute the following command to restart Nginx for the command to take effect.

 nginx -t nginx -s reload

After it takes effect successfully, refresh it again, and you can see that the prompt has disappeared. At the same time, if you directly access the data files in the data directory, an error will be reported directly.

This article is reprinted from:
This site is for inclusion only, and the copyright belongs to the original author.