what's the simplest way to serve php files through an alias?

António P. P. Almeida appa at perusio.net
Sun Oct 3 05:29:19 MSD 2010


On 3 Out 2010 01h23 WEST, iberkner at gmail.com wrote:

> [1  <multipart/alternative (7bit)>]
> [1.1  <text/plain; ISO-8859-1 (quoted-printable)>]
> Thanks,
>
> I tried it using "root" in the location, still no luck.
>
> Here's my config (the parts that matter), the location /nagios/ is
> what's not working.  What am I doing wrong? Thanks
>
> http
> {
> root /var/www/html;
> server
> {
> listen  10.0.1.163;
> server_name  dev.testsite.com;
> location /nagios/
> {
> root /usr/local/nagios/share;
> index index.php;
> }
> location /
> {
> index  index.php;
> error_page 404 = @joomla;
> log_not_found off;
> }
> location @joomla
> {
> rewrite ^(.*)$ /index.php?q=$1 last;
> }
>
> location ~ \.php$
> {
> include fcgi;
> fastcgi_pass 127.0.0.1:9000;
> }
>
> }
> }

For security reasons I suggest you constrain which exact locations can
be used for FastCGI. Using a generic regex for any file with php
extension opens a big security hole. This was discussed not long ago
on the list.

Instead you should enumerate which files are to be handled by FastCGI
and return a 404 for every other file that is not enumerated. E.g.,

location ~* ^/index\.php$ {
  include fcgi;
  fastcgi_pass 127.0.0.1:9000;
}

And put at the end of the config file:

# Any other attempt to access PHP files returns a 404.
location ~* ^.+\.php$ {
  return 404; 
}

--- appa




More information about the nginx mailing list