From 30bc7b40cec6d49c0eb532f3ed531cf375ce4548 Mon Sep 17 00:00:00 2001
From: Sami Mazouz
Date: Tue, 2 Jan 2024 16:03:33 +0100
Subject: [PATCH] chore: mark resource protection rule blocks
---
 .nginx.conf | 2 ++
 public/.htaccess | 2 ++
 2 files changed, 4 insertions(+)
diff --git a/.nginx.conf b/.nginx.conf
index e316c3c..8565fe6 100644
--- a/.nginx.conf
+++ b/.nginx.conf
@@ -5,10 +5,12 @@ location / {
 # Uncomment the following lines if you are not using a `public` directory
 # to prevent sensitive resources from being exposed.
+#
 # location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|flarum|storage|vendor) {
 # deny all;
 # return 404;
 # }
+#
 # The following directives are based on best practices from H5BP Nginx Server Configs
 # https://github.com/h5bp/server-configs-nginx
diff --git a/public/.htaccess b/public/.htaccess
index 0c432b5..83f9fc7 100644
--- a/public/.htaccess
+++ b/public/.htaccess
@@ -6,6 +6,7 @@
 # Uncomment the following lines if you are not using a `public` directory
 # to prevent sensitive resources from being exposed.
+ #
 # RewriteRule /\.git / [F,L]
 # RewriteRule ^auth\.json$ / [F,L]
 # RewriteRule ^composer\.(lock|json)$ / [F,L]
@@ -13,6 +14,7 @@
 # RewriteRule ^flarum$ / [F,L]
 # RewriteRule ^storage/(.*)?$ / [F,L]
 # RewriteRule ^vendor/(.*)?$ / [F,L]
+ #
 # Pass requests that don't refer directly to files in the filesystem to index.php
 RewriteCond %{REQUEST_FILENAME} !-f
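Review bot: The two added `#` lines that bracket the commented `location` block are bare markers, so nothing distinguishes them from any other empty comment line and nothing in the file says what they delimit; the same holds for the markers added in both public/.htaccess hunks. If a script is meant to locate and uncomment the block (an assumption, no consumer is visible in this commit), a labelled pair such as `# BEGIN resource protection` / `# END resource protection` would be unambiguous. At minimum the lead-in comment could gain a line like `# Uncomment every line between the two bare "#" markers together.`, because enabling only part of the block leaves the sensitive paths partly exposed or the config invalid.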
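Review bot: The first rule inside the newly marked block, `# RewriteRule /\.git / [F,L]`, probably does not cover a `.git` directory sitting next to this file once it is uncommented. In per-directory (.htaccess) context mod_rewrite matches the path with the leading slash stripped, so a request for `.git/config` has no `/` before `.git` and only nested paths would match. Since the markers make this block easier to switch on, the pattern is worth tightening in the same change, e.g. `# RewriteRule (^|/)\.git / [F,L]`. The marked block continues into the next hunk, where the closing marker is added.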