Some security vulnerable

Edho P Arief edhoprima at gmail.com
Sun Jun 5 14:24:47 MSD 2011


On Sun, Jun 5, 2011 at 5:01 PM, Kraiser <nginx-forum at nginx.us> wrote:
> What do you guys think about implement this into nginx just like it is
> in apache?
> if ( $fastcgi_script_name ~ \..*\/.*php ) {
> return 403;
> }
> because without that some servers which allows to upload images are
> vulnerable to external exploits.
>

or just

try_files $uri =404;



More information about the nginx mailing list