PH Fast-CGI security pitfall

Ensiferous nginx-forum at nginx.us
Tue Nov 22 20:28:46 UTC 2011


It doesn't matter whether you use if or try_files. If people would
actually read the if is evil page then it specifically states that "It
is important to note that the behaviour of if is not inconsistent, given
two identical requests it will not randomly fail on one and work on the
other, with proper testing and understanding ifs can be used."

If you prefer if then use an if, if you prefer try_files then use a
try_files, there's really no reason to agonize over this issue.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,218755,218761#msg-218761



More information about the nginx mailing list