|
|
|
|
|
|
by ilyt
1087 days ago
|
|
|
It would absolutely prevent it. Run app as one user, nginx as other, go-rwx on all app files, set the group of the "static" files as www-data and g+r on them and now web server can't access app files. It's LITERALLY app hosting 101 and people did it that way 20+ years ago. |
|
|