My point is: The bad example does something, which is extremely inefficient but it just works. It has no side effects concerning security. All files are parsed by PHP, so no unparsed configuration files can leek. The "good example" only handles requests to the FastCGI instance if the file or directory can not be found by nginx. This is clearly not the same although the whole intentioby Lukas0907 - Nginx Mailing List - English
Hi, I discovered a vulnerability in your best practice wiki article: http://wiki.nginx.org/Pitfalls#Proxy_Everything The configuration which is promoted as "good" doesn't work as intended: <<<>>> server { server_name _; root /var/www/site; location / { try_files $uri $uri/ @proxy; } location @proxy { include fastcgi_pby Lukas0907 - Nginx Mailing List - English