Nginx+Php-fpm Dangerous Bug

locojohn nginx-forum at
Sat Dec 3 12:49:53 UTC 2011

I feel that you are taking the wrong route, because you ignore numerous
suggestions from people on this forum to fix your PHP code, but here's
how to disable PHP scripts in myfolder:

location ~ ^/myfolder/.*\.php$ {
  return 403;

Which forum software are you running?  Perhaps, changing the forum
application will fix all of your problems without the need to alter
nginx confoguration.  Ask yourself why remote file inclusion is ever
necessary and why is it there in the first place?


Posted at Nginx Forum:,219532,219554#msg-219554

More information about the nginx mailing list