Closed
Description
This issue is automatically created based on existing pull request: #34388: Add .htpasswd to banned locations in nginx config
Description (*)
The nginx config file contains a section that catches and blocks requests that dont match the other blocks. If the .htaccess is blocked, it just seems logical to exclude the .htpasswd too because of sensitive data.
Sometimes nginx is used in front of apache as a reverse proxy, so it is possible for apache config files to exist.
Related Pull Requests
Fixed Issues (if relevant)
- Fixes magento/magento2#<issue_number>
Manual testing scenarios (*)
- ...
- ...
Questions or comments
Contribution checklist (*)
- Pull request has a meaningful description of its purpose
- All commits are accompanied by meaningful commit messages
- All new or changed code is covered with unit/integration tests (if applicable)
- README.md files for modified modules are updated and included in the pull request if any README.md predefined sections require an update
- All automated tests passed successfully (all builds are green)
Metadata
Metadata
Assignees
Labels
Gate 3 Passed. Manual verification of the issue completed. Issue is confirmedA defect with this priority could have functionality issues which are not to expectations.Indicates original Magento version for the Issue report.The issue has been reproduced on latest 2.4-develop branchAffects non-critical data or functionality and does not force users to employ a workaround.
Type
Projects
Status
Done