Welcome! Log In Create A New Profile

Advanced

prevent public access to a config file

Posted by tkbeat78 
prevent public access to a config file
September 16, 2009 05:30AM
Hi,

following problem : one of our servers is working with nginx .
in one folder there is a .htaccess which was usually designed to work with an apache webserver to prevent public access to subfolders and files . But in nginx the .htaccess isnt work correctly so that i can read a configfile in my browser if i know the correct path to it.

can anyone tell me how i can explizit prevent access to a file or a folder in the nginx conf or with the .htaccess file ?

The .htaccess file which isnt working :

Order deny,allow
Deny from all

I'd tried allready to chmod the configfile which i wanna try to hide from public access to 640 with the result that the whole php application did stopped working immidately.

best regards
tkbeat
Re: prevent public access to a config file
September 17, 2009 12:47PM
Try:

[code]
location /path/to/config.file {
allow 127.0.0.1;
deny all;
}
[/code]

--
Jim Ohlstein
Re: prevent public access to a config file
September 17, 2009 12:49PM
Another possibility is to change ownership of the file to the nginx worker's user and chmod to 600.

--
Jim Ohlstein
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 75
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready