From e7eb28c316a7767509e51f8ff0eead454008c885 Mon Sep 17 00:00:00 2001
From: Jay Rogers <jaydrogers@users.noreply.serversideup.net>
Date: Fri, 6 Feb 2026 13:33:25 -0600
Subject: [PATCH] Change DirectoryMatch to LocationMatch in Apache security
 configuration to enhance access control for sensitive files.

---
 .../fpm-apache/etc/apache2/conf-available/security.conf       | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
index f572f250..217b697b 100644
--- a/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
+++ b/src/variations/fpm-apache/etc/apache2/conf-available/security.conf
@@ -66,9 +66,9 @@ Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains
 # for ACME challenges, security.txt, and other standardized endpoints.
 # https://www.rfc-editor.org/rfc/rfc8615
 # https://github.com/h5bp/server-configs-apache
-<DirectoryMatch "/\.(?!well-known/)">
+<LocationMatch "/\.(?!well-known/)">
     Require all denied
-</DirectoryMatch>
+</LocationMatch>
 
 # Block access to files that may expose sensitive information
 # Based on H5BP server configs: https://github.com/h5bp/server-configs-apache