nginx rules to deny php/perl execution

António P. P. Almeida appa at perusio.net
Sat Nov 20 22:00:01 MSK 2010


On 20 Nov 2010 18h39 WET, nginx-forum at nginx.us wrote:

> Hello,
>
> I have some directories (cache, static, etc) that denies execution
> of some files.  In these directories I have a .htaccess file with
> this rule:
>
>
> Order allow,deny
> Deny from all
>
>
> I would like to test nginx with php-fpm but I don't know how to
> rewrite these rules in nginx Can someone help me?

Yes constrain exactly the locations where you pass the request
upstream to FCGI or another server that handles PHP and/or Perl.

Precede those FCGI/upstream related directives with one (or several)
that serve static files from those locations (static, cache, &c). That
way if someone uploads a file that has a forged magic number (e.g.,
php passing as jpeg) they'll get the file served directly.

--- appa




More information about the nginx mailing list