.htaccess style support in existing nginx

Jonathan Matthews contact at jpluscplusm.com
Fri Oct 26 10:00:47 UTC 2012

On 26 October 2012 09:38, rahul286 <nginx-forum at nginx.us> wrote:
> Yes, we will take whitelisting approach only.
> Rather than giving direct command  like "nginx -t && service nginx reload"
> in sudoers list, we will create a small shell script, put it outside
> web-writable path (so php/web-scripts cannot alter it)
> www-data user will have sudo privilege on our script only

Don't forget the simplest DoS of all - just create a config file
snippet that causes "nginx -t" to fail.
Then no-one can reload.

(It's still a bad idea, sorry!)

Jonathan Matthews // Oxford, London, UK

More information about the nginx mailing list