Nginx+Php-fpm Dangerous Bug
Oleksandr V. Typlyns'kyi
wangsamp at gmail.com
Sat Dec 3 10:01:18 UTC 2011
Today Dec 3, 2011 at 04:48 escavern wrote:
> correction:
>
> ok thanks man.. :)
> now i need 2 nginx rewrite :
>
> 1. to disable php running in folder /myfolder
> so if there is a php file like
> http://www.my-domain.com/myfolder/script.php it will not be executed.
http://nginx.org/en/docs/http/ngx_http_core_module.html#location
location ^~ /myfolder {}
> 2. i need rewrite to return 403 if
> "http://www.ceriwis.org/rfi.php?hal=ass.jpg" same as
> "http://www.ceriwis.org/rfi.php*.jpg* so if there is "jpg" after the php
> extension it will return 403... is that possible ? because im not good
> creating nginx rewrite :)
Add to location ~ \.php$ :
if ($args ~* \.jpg) {return 403;}
--
WNGS-RIPE
More information about the nginx
mailing list