Sanity check of my config - is it secure?
António P. P. Almeida
appa at perusio.net
Thu May 26 23:46:50 MSD 2011
On 26 Mai 2011 20h36 WEST, nginx-forum at nginx.us wrote:
> Thanks, in your opinion what's the best way to approach this? I
> basically want to ensure that our static.domain.com subdomain ONLY
> servers image/js/css files.
>
> Whilst I have set 'location' for only the folders which have images,
> etc in, I want to ensure that if someone put a script into one of
> those directories, it would not be executed.
If I understood correctly: there's no need to worry then. If there's
no embedded interpreter (Perl/Lua) or a fastcgi backend configured on
that vhost. There's no way that someone will be able to run a script
from the web there.
--- appa
More information about the nginx
mailing list