Welcome! Log In Create A New Profile

Re: .htaccess style support in existing nginx

Forum List Message List New Topic Print View

Jonathan Matthews

October 26, 2012 06:02AM

On 26 October 2012 09:38, rahul286 <nginx-forum@nginx.us> wrote:
> Yes, we will take whitelisting approach only.
>
> Rather than giving direct command like "nginx -t && service nginx reload"
> in sudoers list, we will create a small shell script, put it outside
> web-writable path (so php/web-scripts cannot alter it)
>
> www-data user will have sudo privilege on our script only

Don't forget the simplest DoS of all - just create a config file
snippet that causes "nginx -t" to fail.
Then no-one can reload.

(It's still a bad idea, sorry!)

Jonathan
--
Jonathan Matthews // Oxford, London, UK
http://www.jpluscplusm.com/contact.html

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
.htaccess style support in existing nginx	rahul286	October 25, 2012 02:08AM
Re: .htaccess style support in existing nginx	Andre Jaenisch	October 25, 2012 05:50AM
Re: .htaccess style support in existing nginx	rahul286	October 25, 2012 06:02AM
Re: .htaccess style support in existing nginx	Jonathan Matthews	October 25, 2012 07:58AM
Re: .htaccess style support in existing nginx	rahul286	October 25, 2012 08:51AM
Re: .htaccess style support in existing nginx	rahul286	October 25, 2012 08:57AM
Re: .htaccess style support in existing nginx	Andre Jaenisch	October 26, 2012 04:22AM
Re: .htaccess style support in existing nginx	rahul286	October 26, 2012 04:38AM
Re: .htaccess style support in existing nginx	Jonathan Matthews	October 26, 2012 06:02AM
Re: .htaccess style support in existing nginx	rahul286	October 26, 2012 07:43AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 288

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018