Re: Help! Nginx Vulnerable Remote file inclusion

Tim Mensch
December 03, 2011 12:12AM
Check out this thread and see if it answers your question:

http://mailman.nginx.org/pipermail/nginx/2011-November/030503.html

It's not precisely the same, since you have rfi.php?hal=ass.jpg and not
rfi.php/ass.jpg, but it feels like the same bug, and you're only a
rewrite rule away from having exactly the problem command line.

The short answer is to add this:

try_files $uri =404;

or this:

if (!-f $request_filename) { return 404; }

to your PHP configuration in the PHP fastcgi configuration block.

Tim

On 12/2/2011 9:49 PM, escavern wrote:
> the image file is JPEG
> you can see the image file here:
>
>
> http://www.ceriwis.org/ass.jpg
>
> http://ceri.ws/ass.jpg
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,219523,219524#msg-219524
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

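The configuration Tim is describing, as an added example that is not from the thread or from nginx's own documentation: the usual nginx + PHP-FPM handler as it is commonly written, beside the same handler with `try_files $uri =404;` added. The hostname, document root, `/uploads` directory and FastCGI socket path are assumptions chosen for illustration; only one of the two server blocks would be loaded at a time.

```nginx
# Constructed example (not from the thread). Hostname, root, socket path
# and the /uploads directory are assumptions.

# --- Pattern that exposes the path-info bug ------------------------------
# PHP-FPM with cgi.fix_pathinfo=1 (PHP's default). A request for
#   /uploads/ass.jpg/anything.php
# matches the location below, SCRIPT_FILENAME becomes
#   /var/www/example/uploads/ass.jpg/anything.php
# which does not exist, so PHP strips path components from the right until
# it finds a real file: /uploads/ass.jpg. That uploaded "image" is then
# run as PHP code.
server {
    listen 80;
    server_name example.test;
    root /var/www/example;

    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php-fpm.sock;
    }
}

# --- Hardened version of the same block ----------------------------------
server {
    listen 80;
    server_name example.test;
    root /var/www/example;

    # Regex locations are tried in file order, so this must sit before the
    # generic PHP handler: nothing under the upload tree is ever passed to
    # PHP-FPM, whatever its name looks like.
    location ~* ^/uploads/.*\.php$ {
        return 404;
    }

    location ~ \.php$ {
        # Refuse to proxy any request whose literal URI is not a file on
        # disk. /uploads/ass.jpg/anything.php is not a file, so nginx
        # answers 404 itself and PHP never sees the request.
        try_files $uri =404;

        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_pass unix:/run/php-fpm.sock;
    }
}
```

`try_files $uri =404;` and Tim's alternative `if (!-f $request_filename) { return 404; }` perform the same existence check; `try_files` is the form nginx recommends over `if` inside a `location`. Two caveats a practitioner should expect: the check also rejects legitimate PATH_INFO-style URLs such as `/index.php/some/route`, so applications that rely on them need `fastcgi_split_path_info` plus a check on the split script name instead, and setting `cgi.fix_pathinfo=0` in php.ini closes the same hole from the PHP side. None of this addresses an application that itself includes a user-supplied filename, which is what `rfi.php?hal=ass.jpg` suggests; that has to be fixed in the PHP code.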
Thread (subject, author, posted):

Help! Nginx Vulnerable Remote file inclusion - escavern, December 02, 2011 11:48PM
Re: Help! Nginx Vulnerable Remote file inclusion - escavern, December 02, 2011 11:49PM
Re: Help! Nginx Vulnerable Remote file inclusion - Tim Mensch, December 03, 2011 12:12AM
Re: Help! Nginx Vulnerable Remote file inclusion - escavern, December 03, 2011 12:47AM
Re: Help! Nginx Vulnerable Remote file inclusion - Tim Mensch, December 03, 2011 12:52AM
Re: Help! Nginx Vulnerable Remote file inclusion - escavern, December 03, 2011 01:36AM
Re: Help! Nginx Vulnerable Remote file inclusion - Mark Alan, December 03, 2011 04:44AM
