Welcome! Log In Create A New Profile

Advanced

Re: what's the simplest way to serve php files through an alias?

October 03, 2010 12:36AM
Thank you for your suggestion, I remember the vigorous discussion that took
place regarding this issue, in this particular case, this is a test /
development system so I'm not as concerned as I normally would be.

In our production environment, things are a bit more rigid.



On Sat, Oct 2, 2010 at 9:29 PM, António P. P. Almeida <appa@perusio.net>wrote:

> On 3 Out 2010 01h23 WEST, iberkner@gmail.com wrote:
>
> > [1 <multipart/alternative (7bit)>]
> > [1.1 <text/plain; ISO-8859-1 (quoted-printable)>]
> > Thanks,
> >
> > I tried it using "root" in the location, still no luck.
> >
> > Here's my config (the parts that matter), the location /nagios/ is
> > what's not working. What am I doing wrong? Thanks
> >
> > http
> > {
> > root /var/www/html;
> > server
> > {
> > listen 10.0.1.163;
> > server_name dev.testsite.com;
> > location /nagios/
> > {
> > root /usr/local/nagios/share;
> > index index.php;
> > }
> > location /
> > {
> > index index.php;
> > error_page 404 = @joomla;
> > log_not_found off;
> > }
> > location @joomla
> > {
> > rewrite ^(.*)$ /index.php?q=$1 last;
> > }
> >
> > location ~ \.php$
> > {
> > include fcgi;
> > fastcgi_pass 127.0.0.1:9000;
> > }
> >
> > }
> > }
>
> For security reasons I suggest you constrain which exact locations can
> be used for FastCGI. Using a generic regex for any file with php
> extension opens a big security hole. This was discussed not long ago
> on the list.
>
> Instead you should enumerate which files are to be handled by FastCGI
> and return a 404 for every other file that is not enumerated. E.g.,
>
> location ~* ^/index\.php$ {
> include fcgi;
> fastcgi_pass 127.0.0.1:9000;
> }
>
> And put at the end of the config file:
>
> # Any other attempt to access PHP files returns a 404.
> location ~* ^.+\.php$ {
> return 404;
> }
>
> --- appa
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx
Subject Author Posted

what's the simplest way to serve php files through an alias?

iberkner October 02, 2010 07:10PM

Re: what's the simplest way to serve php files through an alias?

António P. P. Almeida October 02, 2010 07:36PM

Re: what's the simplest way to serve php files through an alias?

iberkner October 02, 2010 08:28PM

Re: what's the simplest way to serve php files through an alias?

edogawaconan October 02, 2010 09:08PM

Re: what's the simplest way to serve php files through an alias?

iberkner October 03, 2010 12:34AM

Re: what's the simplest way to serve php files through an alias?

iberkner October 03, 2010 12:42AM

Re: what's the simplest way to serve php files through an alias?

António P. P. Almeida October 03, 2010 12:44AM

Re: what's the simplest way to serve php files through an alias?

edogawaconan October 03, 2010 12:44AM

Re: what's the simplest way to serve php files through an alias?

iberkner October 03, 2010 12:52AM

Re: what's the simplest way to serve php files through an alias?

António P. P. Almeida October 02, 2010 09:38PM

Re: what's the simplest way to serve php files through an alias?

iberkner October 03, 2010 12:36AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 137
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready