Matomo - ProxyPass /config!

Maxinebob · September 12, 2023, 12:37pm

I’m installing Matomo, this observation appears in “System Check”.
Would anyone know how to fix this?

PHP FPM will ignore .htaccess rules for .php files. To ensure that sensitive files cannot be accessed directly it is recommended to exclude certain directories from being handled by PHP FPM by adding the line ProxyPass /config ! to the mod_proxy_fcgi.c section in your apache virtual host config just above the ProxyPassMatch line.

pluto · September 13, 2023, 4:10am

Perhaps not an answer to your question, but I’m running Matomo in Hestia with a PHP proxy + Apache config, and it seems happier with that, I’m guessing because it can use .htaccess to block the requests.

If running under that config is not possible for you, then possibly you should look at creating an nginx template for matomo, containing the suggested config, and activating it for that site.