MokoConsulting/moko-platform
1
0
Fork 0
Code Issues 6 Pull Requests Releases 8 Wiki Activity
Files
dev
moko-platform/templates/security
T
History
Jonathan Miller ae2860c3b5
Generic: Repo Health / Site Health (push) Has been skipped
Details
Universal: PR Check / Branch Policy (pull_request) Successful in 6s
Details
Generic: Repo Health / Access control (push) Successful in 9s
Details
Universal: PR Check / Validate PR (pull_request) Failing after 10s
Details
Universal: Secret Scanning / Gitleaks Secret Scan (pull_request) Successful in 22s
Details
Universal: Auto Version Bump / Version Bump (push) Failing after 23s
Details
Platform: moko-platform CI / Gate 1: Code Quality (push) Failing after 1m13s
Details
Platform: moko-platform CI / Gate 1: Code Quality (pull_request) Failing after 1m17s
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.1) (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.2) (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.3) (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 3: Self-Health Check (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 4: Governance (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 5: Template Integrity (pull_request) Has been cancelled
Details
Platform: moko-platform CI / CI Summary (pull_request) Has been cancelled
Details
Universal: PR Check / Build RC Package (pull_request) Has been cancelled
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.1) (push) Has been cancelled
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.2) (push) Has been cancelled
Details
Platform: moko-platform CI / Gate 2: Unit Tests (8.3) (push) Has been cancelled
Details
Platform: moko-platform CI / Gate 3: Self-Health Check (push) Has been cancelled
Details
Platform: moko-platform CI / Gate 4: Governance (push) Has been cancelled
Details
Platform: moko-platform CI / Gate 5: Template Integrity (push) Has been cancelled
Details
Platform: moko-platform CI / CI Summary (push) Has been cancelled
Details
Generic: Repo Health / Release configuration (push) Has been cancelled
Details
Generic: Repo Health / Scripts governance (push) Has been cancelled
Details
Generic: Repo Health / Repository health (push) Has been cancelled
Details
chore(release): bump to 09.22.00 — CliFramework migration 
Authored-by: Moko Consulting
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-05-31 12:14:34 -05:00
..
index.html
feat: add all templates from MokoStandards
2026-04-16 19:23:09 -05:00
index.php
chore(release): bump to 09.22.00 — CliFramework migration
2026-05-31 12:14:34 -05:00
README.md
chore(release): bump to 09.22.00 — CliFramework migration
2026-05-31 12:14:34 -05:00

README.md

Security Templates

This directory contains security-related templates for moko-platform repositories.

index.html - Directory Listing Prevention (Static)

Purpose: Prevents directory listing on static web servers for security purposes.

Usage: Copy this file to all src/ directories and their subdirectories in organization repositories.

# Copy to src directory and all subdirectories
find src -type d -exec cp templates/security/index.html {} \;

Policy: All organization repositories must include an index.html redirect file in:

  • src/ directory (if it exists)
  • All subdirectories under src/

Security Rationale:

  • Prevents web servers from exposing directory contents
  • Redirects users to the repository root
  • Uses noindex, nofollow meta tags to prevent search engine indexing
  • Provides immediate redirect via both meta refresh and JavaScript

Template Features:

  • Redirects to / (repository root)
  • Minimal, clean design
  • Works with and without JavaScript
  • SEO-safe with noindex directive

index.php - Directory Listing Prevention (PHP)

Purpose: Prevents directory listing on PHP-enabled web servers for security purposes.

Usage: Copy this file to all src/ directories and their subdirectories in PHP-based organization repositories.

# Copy to src directory and all subdirectories
find src -type d -exec cp templates/security/index.php {} \;

Policy: All PHP-based organization repositories must include an index.php redirect file in:

  • src/ directory (if it exists)
  • All subdirectories under src/

Security Rationale:

  • Provides server-side redirect before any HTML is rendered
  • Prevents web servers from exposing directory contents
  • Includes HTTP header redirect for immediate response
  • Falls back to HTML/JavaScript redirect if needed
  • Works with PHP-enabled web servers

Template Features:

  • PHP header redirect (highest priority)
  • HTML meta refresh fallback
  • JavaScript redirect fallback
  • noindex, nofollow meta tags
  • GPL-3.0-or-later licensed
  • Proper PHP security headers

Usage Recommendation

For PHP projects (e.g., Dolibarr/MokoCRM):

  • Use both index.php and index.html
  • PHP will take precedence when available
  • HTML provides fallback for static serving

For non-PHP projects (e.g., Node.js, static sites):

  • Use index.html only

Copy both files:

# Copy both security templates to all src subdirectories
find src -type d -exec sh -c 'cp templates/security/index.html "$1" && cp templates/security/index.php "$1"' _ {} \;
Reference in New Issue View Git Blame Copy Permalink