Hi, Is there a way to prevent Arbitrary HTTP Host header in Nginx? Penetration test has reported accepting arbitrary host headers. Thanks in Advance and I look forward to hearing from you. More Information as below:- https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/ https://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html Best Regards, Kauby kaushalshriyan - Nginx Mailing List - English
Hi, I am running nginx webserver and i have set the below location block in nginx.conf configuration file to prevent a file to download. When i hit http://example.com/web.config on the browser, the web.config file gets downloaded. It is not working. location ~* \.(config)$ { deny all; } I will appreciate if somebody can pitch in for help. Thanks in Advance. Best Regards, Kaushal _______by kaushalshriyan - Nginx Mailing List - English
On Mon, Jun 18, 2018 at 10:03 PM Kaushal Shriyan <kaushalshriyan@gmail.com> wrote: > > > On Sat, Jun 16, 2018 at 1:36 PM Aleksandar Lazic <al-nginx@none.at> wrote: > >> Hi. >> >> On 16/06/2018 10:56, Kaushal Shriyan wrote: >> >Hi, >> > >> >I am encountering 413 Request Entity Too Large in the browser. I have >> >added uby kaushalshriyan - Nginx Mailing List - English
Hi, I have set the below settings. /etc/php.ini max_input_time = 60 max_execution_time = 200 upload_max_size = 100M upload_max_filesize = 100M post_max_size = 100M /opt/nginx/conf/nginx.conf client_max_body_size 100M; I am encountering 413 Request Entity Too Large nginx/1.12.1 while uploading file of size 6MB. Any help will be highly appreciable. Thanks in Advance. Best Regby kaushalshriyan - Php-fpm Mailing List - English