From df7fc5e117cd46de5e01fc91aec074510d833a72 Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Sun, 19 Mar 2017 20:09:08 +0100 Subject: [PATCH 1/2] Added a note about the .htaccess files included by Symfony apps --- setup/web_server_configuration.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/setup/web_server_configuration.rst b/setup/web_server_configuration.rst index 22a375d3cac..505dc6b3141 100644 --- a/setup/web_server_configuration.rst +++ b/setup/web_server_configuration.rst @@ -306,7 +306,7 @@ The **minimum configuration** to get your application running under Nginx is: # Remove the internal directive to allow URIs like this internal; } - + # return 404 for all other php files not matching the front controller # this prevents access to other php files you don't want to be accessible. location ~ \.php$ { @@ -336,6 +336,12 @@ The **minimum configuration** to get your application running under Nginx is: or ``config.php`` scripts (i.e. ``http://example.com/app_dev.php`` and ``http://example.com/config.php``). If you *can* access these, be sure to remove the ``DEV`` section from the above configuration. +.. note:: + + By default, Symfony applications include several ``.htaccess`` files to prevent + unauthorized access to the source and config directories. Those files are + only useful when using Apache, so you can safely remove them when using Nginx. + For advanced Nginx configuration options, read the official `Nginx documentation`_. .. _`Apache documentation`: http://httpd.apache.org/docs/ From 861a8114e4c0ea9973d362e00fb4dda5bb20c4d4 Mon Sep 17 00:00:00 2001 From: Javier Eguiluz Date: Sun, 19 Mar 2017 20:10:21 +0100 Subject: [PATCH 2/2] Reword --- setup/web_server_configuration.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/setup/web_server_configuration.rst b/setup/web_server_configuration.rst index 505dc6b3141..c43f4294307 100644 --- a/setup/web_server_configuration.rst +++ b/setup/web_server_configuration.rst @@ -338,9 +338,10 @@ The **minimum configuration** to get your application running under Nginx is: .. note:: - By default, Symfony applications include several ``.htaccess`` files to prevent - unauthorized access to the source and config directories. Those files are - only useful when using Apache, so you can safely remove them when using Nginx. + By default, Symfony applications include several ``.htaccess`` files to + configure redirections and to prevent unauthorized access to some sensitive + directories. Those files are only useful when using Apache, so you can + safely remove them when using Nginx. For advanced Nginx configuration options, read the official `Nginx documentation`_.