{"id":7103,"date":"2020-10-18T20:34:47","date_gmt":"2020-10-19T01:34:47","guid":{"rendered":"https:\/\/www.rushworth.us\/lisa\/?p=7103"},"modified":"2020-10-27T22:22:14","modified_gmt":"2020-10-28T03:22:14","slug":"list-extensions-within-folder","status":"publish","type":"post","link":"https:\/\/www.rushworth.us\/lisa\/?p=7103","title":{"rendered":"List Extensions Within Folder"},"content":{"rendered":"

It didn’t occur to me that Apache serves everything under a folder and the .git folder may well be under a folder (you can<\/em> have your project up a level so there’s a single folder at the root of the project & that folder is DocumentRoot for the web site). Without knowing specific file names, you cannot get anything since directory browsing is disabled. But git has a well-known structure so browsing to \/.git\/index or really scary for someone who stuffs their password in the repo URL \/.git\/config is there and Apache happily serves it unless you’ve provided instructions otherwise.<\/p>\n

A coworker brought up the intriguing idea of, instead of blocking the .git folder so things subordinate to .git are never served, having a specific list of known good extensions the web server was willing to serve. Which … ironically was one of the things I really<\/em> didn’t like about IIS. Kind of like the extra frustration of driving behind someone who is going the speed limit. Frustrating because I want to go faster, extra frustrating because they aren’t actually wrong<\/em>.<\/p>\n

But configuring a list of good-to-serve extensions means you’ve got to get a handle on what extensions are on your server in the first place. This command provides a list of extensions and a count per extension (so you can easily identify one-offs that may not be needed):<\/p>\n

find \/path\/to\/search\/ -type f | perl -ne 'print $1 if m\/\\.([^.\\\/]+)$\/' | sort | uniq -c<\/pre>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
It didn’t occur to me that Apache serves everything under a folder and the .git folder may well be under a folder (you can have your project up a level so there’s a single folder at the root of the project & that folder is DocumentRoot for the web site). Without knowing specific file names, …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[30],"tags":[1122,233,69],"class_list":["post-7103","post","type-post","status-publish","format-standard","hentry","category-system-administration","tag-apache-httpd","tag-git","tag-security"],"_links":{"self":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/7103","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=7103"}],"version-history":[{"count":1,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/7103\/revisions"}],"predecessor-version":[{"id":7104,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=\/wp\/v2\/posts\/7103\/revisions\/7104"}],"wp:attachment":[{"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=7103"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=7103"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.rushworth.us\/lisa\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=7103"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}