So i am curious on the security impacts on a windows server running nginx and php
And if you have the following php.ini settings disabled.
"cgi.force_redirect = 0"
I saw itpp2012 posted the following
[PATH=s:/webroot/domain.nl]
open_basedir = s:/webroot/domain.nl
doc_root = s:/webroot/domain.nl
error_reporting = E_ALL & ~E_NOTICE
error_log = s:/logging/php/domain.nl.errors.log
upload_tmp_dir = s:/webroot/domain.nl/uploads
session.save_path = s:/webroot/domain.nl/sessions
upload_max_filesize = 32M
post_max_size = 8M
disable_functions = "curl_exec,curl_multi_exec,dl,exec,parse_ini_file,passthru,popen,proc_open,proc_close,shell_exec,show_source,symlink,system"
But in regards to specific settings what should and should not be enabled or disabled for best Nginx and PHP security on windows does anyone know ?
I google and find so much to do with IIS but there is nothing for Nginx on Windows and PHP so i am not sure if the same rules apply ?