nginx rules to deny php/perl execution

António P. P. Almeida appa at perusio.net
Sat Nov 20 23:05:40 MSK 2010


On 20 Nov 2010 19h50 WET, nginx-forum at nginx.us wrote:

> Hello again,
>
> Just test some rules and after some testing I have this:
>
> [code]
> 	location ~ ^/(cache|static|etc)/  {
> root /var/www;
> if ( $request_filename ~* "^.+\.(php|pl|php3|php4|php5)$" ) {
> return 403;
> }
>}
I don't see why you need the if. If the order is correct in the config
file then a simple location will do. Without the if.

Does the root directive needs to be in this context? Can it be moved
to a server context or any other location above the current?

--- appa




More information about the nginx mailing list