4

I deploy a Drupal web site using git (well, OK, the developers deploy it; I try to keep them out of trouble), and for that reason the site has a directory .git and a file .gitignore in the document root.

Currently the permissions on the files are sufficient to cause nginx to return a 403 Forbidden error if these files are accessed in the web browser.

However, I would like nginx to completely deny the existence of this file and directory, and return 404 if someone tries to access them in the browser.

But wait, there's more!

What I really want to happen is for the browser to receive the 404 error page generated by Drupal. In Drupal's admin/settings/error-reporting page, I see that 404 errors are being sent to http://www.example.com/404error, a Drupal node with one of the Internet's more interesting 404 pages.

My nginx configuration already contains a @drupal block which passes a request to Drupal. So I want to pass the request to Drupal, but I don't want Drupal to try to serve the existing static file either, but to simply serve the 404 page.

location @drupal {
    rewrite ^/(.+)$        /index.php?q=$1 last;
}

Unfortunately, Google hasn't been too helpful here; most people seem to have the opposite problem. How do I cause requests for anything in the .git directory or the .gitignore file to be sent to Drupal's 404 page?

Michael Hampton
  • 237,123
  • 42
  • 477
  • 940

1 Answers1

2

Try creating a location block for the .git directory and set it to be internal. This should trigger 404 responses for any requests. If these aren't passed on to Drupal you may then need to define an error_page to do so.

location /.git {
    internal;
}
error_page 404 /notfound;

The other option is to just rewrite those requests to something nonexistent:

rewrite ^/.git /notfound;
mgorven
  • 30,036
  • 7
  • 76
  • 121