.htaccess style support in existing nginx
contact at jpluscplusm.com
Fri Oct 26 10:00:47 UTC 2012
On 26 October 2012 09:38, rahul286 <nginx-forum at nginx.us> wrote:
> Yes, we will take whitelisting approach only.
> Rather than giving direct command like "nginx -t && service nginx reload"
> in sudoers list, we will create a small shell script, put it outside
> web-writable path (so php/web-scripts cannot alter it)
> www-data user will have sudo privilege on our script only
Don't forget the simplest DoS of all - just create a config file
snippet that causes "nginx -t" to fail.
Then no-one can reload.
(It's still a bad idea, sorry!)
Jonathan Matthews // Oxford, London, UK
More information about the nginx