From 1c587c5e53d3cb8bf3e64b8099d15a7db2eb03a6 Mon Sep 17 00:00:00 2001
From: FoW <fow@netspheres.org>
Date: Sat, 10 Feb 2024 17:54:25 +0900
Subject: [PATCH] Adds production.conf security configuration missing in
 version 0.7.2

---
 nginx/production | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nginx/production b/nginx/production
index 296ede70c..a1ddc7d4a 100644
--- a/nginx/production
+++ b/nginx/production
@@ -96,7 +96,7 @@ server {
 #     # directly serve images and static files from the
 #     # bookwyrm filesystem using sendfile.
 #     # make the logs quieter by not reporting these requests
-#     location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|ttf|webp|css|js)$ {
+#     location ~ \.(bmp|ico|jpg|jpeg|png|svg|tif|tiff|ttf|webp|css|js|woff|ttf)$ {
 #         root /app;
 #         try_files $uri =404;
 #         add_header X-Cache-Status STATIC;
@@ -104,7 +104,7 @@ server {
 #     }
 
 #     # block access to any non-image files from images or static
-#     location ~ ^/images/ {
+#     location ~ ^/(images|static)/ {
 #          return 403;
 #     }
 #