Update default.conf.sample to deny dotfile access

[nemchik]

No description provided.

[LinuxServer-CI]

I am a bot, here is the pushed image/manifest for this PR:

ghcr.io/linuxserver/lspipepr-mastodon:develop-v4.5.0-rc.3-pkg-f4fc4fd7-dev-277d121decaa1348e27037c6b3ea1409a4b378c2-pr-134

[LinuxServer-CI]

I am a bot, here is the pushed image/manifest for this PR:

ghcr.io/linuxserver/lspipepr-mastodon:develop-v4.5.0-rc.3-pkg-9819c569-dev-4058969ed5b94ebe7d5bc562f40235903d6e475e-pr-134

[LinuxServer-CI]

I am a bot, here is the pushed image/manifest for this PR:

ghcr.io/linuxserver/lspipepr-mastodon:develop-v4.5.0-rc.3-pkg-76997fbf-dev-788896c086cb250f897eef2b55d4d2b2703019db-pr-134

[LinuxServer-CI]

This pull request has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.

[Copilot]

Pull request overview

Updates the container’s default Nginx site config sample to prevent serving dotfiles (while still allowing /.well-known), and records the change in the generated README changelog.

Changes:

• Add an explicit allow-list for /.well-known and a blanket deny for all dotfiles in the default Nginx sample config.
• Remove the older .ht*-specific deny rule since dotfiles are now handled generically.
• Update the sample config version header and add a README changelog entry (also adds QUIC listeners on 443).

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

File	Description
root/defaults/nginx/site-confs/default.conf.sample	Adds /.well-known allow and global dotfile deny; removes legacy .ht* block; also adds QUIC listen directives.
readme-vars.yml	Adds a changelog entry instructing existing users to update their Nginx config.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.