Hello folk,
I'm new to this mailing list and since nginx will probably never
implement htaccess support (good decision I think), I thought of posting
an improvment/feature reqeust.
Because there are some hosting systems beginning to support nginx (ex.
Froxlor - http://froxlor.org) and it is not really practical to have
customers have to submit a support ticket for every single rewrite they
need etc I thouight nginx could be improved by something like htaccess-lite.
I agree with the nginx devs that a full htaccess implementation would
not be really good for the performance but some implementation for
includes where the usage security relevant directives (ex. proxy_pass,
root...) and syntax errors will just cause nginx to ignore this include
would be nice to have the customers make their own rewrite or deny
configurations - this could also solve the problem with htpasswd since
this could be configured there.
I can not simply include a config of a customer since I can't trust him.
>From the view of security it would not be a good idea and even if I
could trust the customer in that point he could misconfigure nginx so it
would fail to start up, therefore a directive named something like
user_include which is covering these points is a thing I would like to
have on nginx.
For the people who don't need it, it could be disabled in default builds
but for hosting projects where customers may need to set some own
rewrites, directory permissions and maybe directory protections through
Basic Auth this could be a good solution and enabled on compile or
included as a module.
What do you think of this idea? I could not find any similar suggestion
so I thought posting it here would be a good idea to let you know about
it and get some feedback on it.
Kind regards
Pascal Nitsche
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://nginx.org/mailman/listinfo/nginx-devel