what's the simplest way to serve php files through an alias?
Ilan Berkner
iberkner at gmail.com
Sun Oct 3 08:33:11 MSD 2010
Thank you for your suggestion, I remember the vigorous discussion that took
place regarding this issue, in this particular case, this is a test /
development system so I'm not as concerned as I normally would be.
In our production environment, things are a bit more rigid.
On Sat, Oct 2, 2010 at 9:29 PM, António P. P. Almeida <appa at perusio.net>wrote:
> On 3 Out 2010 01h23 WEST, iberkner at gmail.com wrote:
>
> > [1 <multipart/alternative (7bit)>]
> > [1.1 <text/plain; ISO-8859-1 (quoted-printable)>]
> > Thanks,
> >
> > I tried it using "root" in the location, still no luck.
> >
> > Here's my config (the parts that matter), the location /nagios/ is
> > what's not working. What am I doing wrong? Thanks
> >
> > http
> > {
> > root /var/www/html;
> > server
> > {
> > listen 10.0.1.163;
> > server_name dev.testsite.com;
> > location /nagios/
> > {
> > root /usr/local/nagios/share;
> > index index.php;
> > }
> > location /
> > {
> > index index.php;
> > error_page 404 = @joomla;
> > log_not_found off;
> > }
> > location @joomla
> > {
> > rewrite ^(.*)$ /index.php?q=$1 last;
> > }
> >
> > location ~ \.php$
> > {
> > include fcgi;
> > fastcgi_pass 127.0.0.1:9000;
> > }
> >
> > }
> > }
>
> For security reasons I suggest you constrain which exact locations can
> be used for FastCGI. Using a generic regex for any file with php
> extension opens a big security hole. This was discussed not long ago
> on the list.
>
> Instead you should enumerate which files are to be handled by FastCGI
> and return a 404 for every other file that is not enumerated. E.g.,
>
> location ~* ^/index\.php$ {
> include fcgi;
> fastcgi_pass 127.0.0.1:9000;
> }
>
> And put at the end of the config file:
>
> # Any other attempt to access PHP files returns a 404.
> location ~* ^.+\.php$ {
> return 404;
> }
>
> --- appa
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20101003/c732aa21/attachment.html>
More information about the nginx
mailing list