what's the simplest way to serve php files through an alias?
António P. P. Almeida
appa at perusio.net
Sun Oct 3 05:29:19 MSD 2010
On 3 Out 2010 01h23 WEST, iberkner at gmail.com wrote:
> [1 <multipart/alternative (7bit)>]
> [1.1 <text/plain; ISO-8859-1 (quoted-printable)>]
> Thanks,
>
> I tried it using "root" in the location, still no luck.
>
> Here's my config (the parts that matter), the location /nagios/ is
> what's not working. What am I doing wrong? Thanks
>
> http
> {
> root /var/www/html;
> server
> {
> listen 10.0.1.163;
> server_name dev.testsite.com;
> location /nagios/
> {
> root /usr/local/nagios/share;
> index index.php;
> }
> location /
> {
> index index.php;
> error_page 404 = @joomla;
> log_not_found off;
> }
> location @joomla
> {
> rewrite ^(.*)$ /index.php?q=$1 last;
> }
>
> location ~ \.php$
> {
> include fcgi;
> fastcgi_pass 127.0.0.1:9000;
> }
>
> }
> }
For security reasons I suggest you constrain which exact locations can
be used for FastCGI. Using a generic regex for any file with php
extension opens a big security hole. This was discussed not long ago
on the list.
Instead you should enumerate which files are to be handled by FastCGI
and return a 404 for every other file that is not enumerated. E.g.,
location ~* ^/index\.php$ {
include fcgi;
fastcgi_pass 127.0.0.1:9000;
}
And put at the end of the config file:
# Any other attempt to access PHP files returns a 404.
location ~* ^.+\.php$ {
return 404;
}
--- appa
More information about the nginx
mailing list