Some security vulnerable
António P. P. Almeida
appa at perusio.net
Sun Jun 5 21:40:13 MSD 2011
On 5 Jun 2011 14h40 WEST, tomlove at gmail.com wrote:
> On 5 June 2011 12:01, Kraiser <nginx-forum at nginx.us> wrote:
>> What do you guys think about implement this into nginx just like it
>> is in apache? if ( $fastcgi_script_name ~ \..*\/.*php ) { return
>> 403; } because without that some servers which allows to upload
>> images are vulnerable to external exploits.
>>
>
> They're vulnerable because of bad site design and configuration
> (although I do think nginx's location parsing logic makes it
> uncomfortably easy to produce insecure configurations). Why not
> eliminate the vulnerability instead of hardening against it with
> more configuration? The .php match should not be attempted in any
> untrusted user-upload directory -- use sub-locations.
I agree. Either nested locations and/or enumeration of all PHP enabled
locations is the way to go. The above is just a stopgap for a proper
meaning secure, configuration.
--- appa
More information about the nginx
mailing list