So is "rewrite_by_lua" also evil?
Nginx User
nginx at nginxuser.net
Fri Oct 14 19:24:52 UTC 2011
On 14 October 2011 16:27, Nginx User <nginx at nginxuser.net> wrote:
> Looking at things further, it may be a mime type issue clouding things.
> My js files use the non-standard but widely adopted "text/javascript"
> while Nginx comes with the standard but not always supported
> "application/X-javascript" mime type.
> Not sure I changed the mimes types file accordingly when I went to 1.0.8.
>
> The phpMyadmin one is funny though as all it does is use an alias.
OK. I went back to nginx1.0.8 and 0.31rc11, made sure everything was
proper and made sure I only used rewrite by lua to trigger the jump
server {
...
location @pretty_urls {
# some rewrite rules to php
}
location @proxy {
include /etc/nginx/firewall.default;
proxy_pass http://127.0.0.1:8080;
...
}
location ~ ^.+\.php$ {
content_by_lua 'ngx.exec("@proxy");';
}
location / {
try_files $uri $uri/ @pretty_urls;
}
}
Everything works perfectly and not a hint of evil behaviour. Not sure
what I missed before but I am now as happy as Larry.
Now I can implement the second stage of my WAF implementation plan
where firewall.default would query PHPIDS (https://phpids.org/)
instead of my homebrew regexes.
More information about the nginx
mailing list