Welcome! Log In Create A New Profile

Advanced

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

April 06, 2011 11:29AM
I created this conf file following a couple of how to's on the internet. I use this template for creating wordpress sites (hence the total cache references)

#
# Servidor: name.server.tld
# Cliente: template / Dominio: www.domain.tld
# Revisión: 19/3/2011
#
server {
server_name www.domain.tld domain.tld;
root /home/clientes/tamplate/domain.tld;
index index.php;

listen 1.1.1.1:80;
#listen 1.1.1.1:443;

#ssl on;
#ssl_certificate /usr/local/nginx/conf/certs/domain_bundle.crt;
#ssl_certificate_key /usr/local/nginx/conf/certs/domain.key;

error_page 404 = @wordpress;
log_not_found off;

location ^~ /files/ {
rewrite /files/(.+) /wp-includes/ms-files.php?file=$1 last;
}

# Rewrite minified CSS and JS files
rewrite ^/wp-content/w3tc/min/([a-f0-9]+)\/(.+)\.(include(\-(footer|body))?(-nb)?)\.[0-9]+\.(css|js)$ /wp-content/w3tc/min/index.php?tt=$1&gg=$2&g=$3&t=$7 last;

# Set a variable to work around the lack of nested conditionals
set $cache_uri $request_uri;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $cache_uri 'no cache';
}
if ($query_string != "") {
set $cache_uri 'no cache';
}
# Don't cache uris containing the following segments
if ($request_uri ~* "(\/wp-admin\/|\/xmlrpc.php|\/wp-(app|cron|login|register|mail)\.php|wp-.*\.php|index\.php|\/cuenta\/|\/compra\/|wp\-comments\-popup\.php|wp\-l${
set $cache_uri "no cache";
}

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp\-postpass|wordpress_logged_in") {
set $cache_uri 'no cache';
}
# Use cached or actual file if they exists, otherwise pass request to WordPress
location / {
try_files /wp-content/w3tc/pgcache/$cache_uri/_index.html $uri $uri/ /index.php;
}
# Cache static files for as long as possible
location ~* \.(xml|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)${
try_files $uri =404;
expires max;
access_log off;
}
# Deny access to hidden files
location ~* /\.ht {
deny all;
access_log off;
log_not_found off;
}
location @wordpress {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
include fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
location ~ \.php$ {
try_files $uri @wordpress;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ^~ /blogs.dir/ {
internal;
root /home/clientes/template/name/wp-content;
}
}
Subject Author Posted

Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Lukas0907 March 08, 2011 09:33AM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Ensiferous March 08, 2011 11:08AM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

António P. P. Almeida March 08, 2011 02:18PM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Cliff Wells March 08, 2011 02:28PM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Lukas0907 March 08, 2011 02:37PM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Cliff Wells March 08, 2011 02:48PM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

António P. P. Almeida March 08, 2011 09:48PM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

Adrian von Stechow March 09, 2011 01:04AM

Re: Vulnerability in "Proxy Everything" (Wiki article Pitfalls)

genarg April 06, 2011 11:29AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 319
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready