Hey all Im new to Nginx and wanted to know if any of you familiar with any Known security issues in Nginx (for example: http://cnedelcu.blogspot.co.il/2010/05/nginx-php-v...) Thanks Joe Posted at Nginx Forum: http://forum.nginx.org/read.php?2,237336,237336#msg-237336
on 2013-03-14 08:43
on 2013-03-14 09:40
Hello! On Thu, Mar 14, 2013 at 03:43:17AM -0400, Joe M wrote: > Hey all > > Im new to Nginx and wanted to know if any of you familiar with any Known > security issues in Nginx (for example: > http://cnedelcu.blogspot.co.il/2010/05/nginx-php-v...) This was discussed here once discovered[1], and the conclusion is: it's not a security issue in nginx, but rather a misconfiguration of php. Making sure you've configured it correctly (i.e. switched off cgi.fix_pathinfo=0 in php.ini) is a good idea though. [1] http://mailman.nginx.org/pipermail/nginx/2010-May/... -- Maxim Dounin http://nginx.org/en/donation.html
on 2013-03-14 12:21
OK, great Any other security issues or misconfiguration I should know about? Thanks Joe Posted at Nginx Forum: http://forum.nginx.org/read.php?2,237336,237345#msg-237345
Enable email notification
Enable multi-page viewPlease log in before posting. Registration is free and takes only a minute.
Existing account
(Switch to SSL-encrypted connection)
NEW: Do you have a Google/GoogleMail or Yahoo account? No registration required!
Log in with Google account | Log in with Yahoo account
Log in with Google account | Log in with Yahoo account
No account? Register here.