ae2860c3b5
Authored-by: Moko Consulting Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
<!--
Copyright (C) 2026 Moko Consulting <hello@mokoconsulting.tech>
SPDX-License-Identifier: GPL-3.0-or-later
FILE INFORMATION
DEFGROUP: MokoPlatform.Index
INGROUP: MokoPlatform.Templates.Security
REPO: https://git.mokoconsulting.tech/MokoConsulting/moko-platform
PATH: /templates/security/README.md
BRIEF: Security templates README
-->

# Security Templates

This directory contains security-related templates for moko-platform repositories.

## index.html - Directory Listing Prevention (Static)

**Purpose**: Prevents directory listing on static web servers for security purposes.

**Usage**: Copy this file to all `src/` directories and their subdirectories in organization repositories.

```bash
# Copy to src directory and all subdirectories
find src -type d -exec cp templates/security/index.html {} \;
```

**Policy**: All organization repositories must include an `index.html` redirect file in:
- `src/` directory (if it exists)
- All subdirectories under `src/`

**Security Rationale**:
- Prevents web servers from exposing directory contents
- Redirects users to the repository root
- Uses `noindex, nofollow` meta tags to prevent search engine indexing
- Provides immediate redirect via both meta refresh and JavaScript

**Template Features**:
- Redirects to `/` (repository root)
- Minimal, clean design
- Works with and without JavaScript
- SEO-safe with noindex directive

## index.php - Directory Listing Prevention (PHP)

**Purpose**: Prevents directory listing on PHP-enabled web servers for security purposes.

**Usage**: Copy this file to all `src/` directories and their subdirectories in PHP-based organization repositories.

```bash
# Copy to src directory and all subdirectories
find src -type d -exec cp templates/security/index.php {} \;
```

**Policy**: All PHP-based organization repositories must include an `index.php` redirect file in:
- `src/` directory (if it exists)
- All subdirectories under `src/`

**Security Rationale**:
- Provides server-side redirect before any HTML is rendered
- Prevents web servers from exposing directory contents
- Includes HTTP header redirect for immediate response
- Falls back to HTML/JavaScript redirect if needed
- Works with PHP-enabled web servers

**Template Features**:
- PHP header redirect (highest priority)
- HTML meta refresh fallback
- JavaScript redirect fallback
- `noindex, nofollow` meta tags
- GPL-3.0-or-later licensed
- Proper PHP security headers

## Usage Recommendation

**For PHP projects** (e.g., Dolibarr/MokoCRM):
- Use both `index.php` and `index.html`
- PHP will take precedence when available
- HTML provides fallback for static serving

**For non-PHP projects** (e.g., Node.js, static sites):
- Use `index.html` only

**Copy both files:**
```bash
# Copy both security templates to all src subdirectories
find src -type d -exec sh -c 'cp templates/security/index.html "$1" && cp templates/security/index.php "$1"' _ {} \;
```
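
A policy check to go with the copy commands above, added here as an example and not part of moko-platform: it lists the directories under `src/` that lack an index file and fills only those gaps, because the plain `cp` in the commands above overwrites an index file that is already in place. The function names `missing_index_dirs`, `install_index` and `check_policy` are hypothetical.

```bash
#!/bin/sh
# Added example, not moko-platform code. All function names are hypothetical.

# List every directory under ROOT (ROOT included) that has no FILE in it.
# usage: missing_index_dirs ROOT FILE
missing_index_dirs() {
    [ -d "$1" ] || return 0   # the policy covers src/ only "if it exists"
    # The inner sh exits 0 when the file is absent, so find prints that directory.
    find "$1" -type d -exec sh -c '[ ! -e "$1/$2" ]' _ {} "$2" \; -print | sort
}

# Copy TEMPLATE into every directory under ROOT that lacks a file of that name.
# A directory that already has one (for example a real page) is left untouched.
# usage: install_index ROOT TEMPLATE
install_index() {
    [ -d "$1" ] || return 0
    find "$1" -type d -exec sh -c \
        '[ -e "$1/$3" ] || cp -- "$2" "$1/$3"' _ {} "$2" "$(basename "$2")" \;
}

# CI-style gate: report violations on stderr and return non-zero if any exist.
# usage: check_policy ROOT FILE [FILE...]
#   e.g. check_policy src index.html index.php   (PHP projects)
#        check_policy src index.html             (non-PHP projects)
check_policy() {
    root=$1
    shift
    status=0
    for file in "$@"; do
        missing=$(missing_index_dirs "$root" "$file")
        if [ -n "$missing" ]; then
            printf 'missing %s in:\n%s\n' "$file" "$missing" >&2
            status=1
        fi
    done
    return "$status"
}
```

Run `check_policy` from the repository root in CI so that a newly added subdirectory without an index file fails the build instead of waiting for the next manual copy.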