apache: block access to .git* and .env* files

apache/files/evolinux-defaults.conf

@@ -48,15 +48,23 @@ MaxKeepAliveRequests 10
     Deny from env=GoAway
 </Directory>
 
+<DirectoryMatch "/\.git">
+    # We don't want to let the client know a file exist on the server,
+    # so we return 404 "Not found" instead of 403 "Forbidden".
+    Redirect 404
+</DirectoryMatch>
 
-<Files ~ "\.(inc|bak)$">
-    Require all denied
-</Files>
+# File names starting with
+<FilesMatch "^\.(git|env)">
+    Redirect 404
+</FilesMatch>
 
+# File names ending with
+<FilesMatch "\.(inc|bak)$">
+    Redirect 404
+</FilesMatch>
 
 <LocationMatch "^/evolinux_fpm_status-.*">
     Require all denied
 </LocationMatch>
 
-# Block http request on /.git
-RedirectMatch 404 /\.git