Some security vulnerable

Kraiser nginx-forum at nginx.us
Sun Jun 5 14:01:34 MSD 2011


What do you guys think about implement this into nginx just like it is
in apache?
if ( $fastcgi_script_name ~ \..*\/.*php ) {
return 403;
}
because without that some servers which allows to upload images are
vulnerable to external exploits.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,204051,204051#msg-204051




More information about the nginx mailing list