From 6d69306d00de5fb6b559e7648aca838fa0ceba84 Mon Sep 17 00:00:00 2001
From: Tobias Perschon <tofuSCHNITZEL@users.noreply.github.com>
Date: Thu, 29 Aug 2024 13:11:04 +0200
Subject: [PATCH 1/2] Update nginx-root.conf.sample

Signed-off-by: Tobias Perschon <tofuSCHNITZEL@users.noreply.github.com>
---
 admin_manual/installation/nginx-root.conf.sample | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/admin_manual/installation/nginx-root.conf.sample b/admin_manual/installation/nginx-root.conf.sample
index 550364749c2..00ce01f68aa 100644
--- a/admin_manual/installation/nginx-root.conf.sample
+++ b/admin_manual/installation/nginx-root.conf.sample
@@ -136,6 +136,16 @@ server {
     location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)  { return 404; }
     location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console)                { return 404; }
 
+    # Hide grunt, package files
+    location ~* (Gruntfile|package)\.(js|json|jsonc)$ {
+        return 404;
+    }
+
+    # Hide all composer files
+    location ~* composer\. {
+        return 404;
+    }
+
     # Ensure this block, which passes PHP files to the PHP process, is above the blocks
     # which handle static assets (as seen below). If this block is not declared first,
     # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`

From 9e86b7cd52cce2b91edfbb7389f1e0058d6e7640 Mon Sep 17 00:00:00 2001
From: Tobias Perschon <tofuSCHNITZEL@users.noreply.github.com>
Date: Thu, 29 Aug 2024 13:14:54 +0200
Subject: [PATCH 2/2] Update nginx-subdir.conf.sample

Signed-off-by: Tobias Perschon <tofuSCHNITZEL@users.noreply.github.com>
---
 admin_manual/installation/nginx-subdir.conf.sample | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/admin_manual/installation/nginx-subdir.conf.sample b/admin_manual/installation/nginx-subdir.conf.sample
index da9b56d48ea..191b621f818 100644
--- a/admin_manual/installation/nginx-subdir.conf.sample
+++ b/admin_manual/installation/nginx-subdir.conf.sample
@@ -135,6 +135,16 @@ server {
         location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/)    { return 404; }
         location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console)                  { return 404; }
 
+	# Hide grunt, package files
+        location ~* (Gruntfile|package)\.(js|json|jsonc)$ {
+	    return 404;
+	}
+	
+	# Hide all composer files
+        location ~* composer\. {
+	    return 404;
+	}
+
         # Ensure this block, which passes PHP files to the PHP process, is above the blocks
         # which handle static assets (as seen below). If this block is not declared first,
         # then Nginx will encounter an infinite rewriting loop when it prepends