On 15 Jan 2013 20h39 CET, dnblankedelman@gmail.com wrote:
> Hi- I suspect this is a simple (read: stupid) question, but is there
> a PHP-FPM equivalent to the mod_php directive for restricting PHP
> execution, i.e.:
>
> <Directory ${WWWDOCROOT}>
> ...
> php_admin_flag engine off
>
> ...
> </Directory>
>
> I realize I can block access to files with a .php suffix so it never
> reaches FPM, but is there a closer equivalent? Thanks!
As Anatoly already said: the problem should be posed differently. That
is, you should enumerate your PHP scripts or find a way to constrain
execution to specific patterns, so that *those and only those* files
are sent to FCGI. Then as a final measure just add a regex based
location like this:
location ~* \.php$ {
return 404;
}
--- appa