Protect against php files being send as static files
Francis Daly
francis at daoine.org
Tue Mar 5 23:59:40 UTC 2019
On Tue, Mar 05, 2019 at 06:50:54AM -0500, Olaf van der Spek wrote:
Hi there,
> Is there a way to protect against php files being send as static files /
> source due to some php specific configuration being missed (by accident)?
> Another web server has this by default: static-file.exclude-extensions = (
> ".php", ".pl", ".fcgi" )
I don't think that stock-nginx has a configuration directive for this.
"Not putting files that you don't want sent, into a directory that nginx
has been told to send files from", would probably be the safest way to
avoid external misconfiguration.
f
--
Francis Daly francis at daoine.org
More information about the nginx
mailing list