okkezSS
November 20, 2010, 7:40pm
1
Hello,
I have some directories (cache, static, etc) that denies execution of
some files.
In these directories I have a .htaccess file with this rule:
Order allow,deny
Deny from all
I would like to test nginx with php-fpm but I don’t know how to rewrite
these rules in nginx
Can someone help me?
Thanks
Posted at Nginx Forum:
Hello, I have some directories (cache, static, etc) that denies execution of some files. In these directories I have a .htaccess file with this rule: <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)"> Order allow,deny
nfn
November 20, 2010, 8:06pm
2
On 20 Nov 2010 18h39 WET, [email protected] wrote:
I would like to test nginx with php-fpm but I don’t know how to
rewrite these rules in nginx Can someone help me?
Yes constrain exactly the locations where you pass the request
upstream to FCGI or another server that handles PHP and/or Perl.
Precede those FCGI/upstream related directives with one (or several)
that serve static files from those locations (static, cache, &c). That
way if someone uploads a file that has a forged magic number (e.g.,
php passing as jpeg) they’ll get the file served directly.
— appa
nfn
November 20, 2010, 8:31pm
3
Olá António,
that’s exactly what I need, since these directories have write
permissions, but which rules should I have?
placing something like this will work, but the user can see/read the php
content and I don’t want that
location ~ ^/(cache|static|etc)/ {
root /var/www;
}
How do I deny execution/read access to those files
(php|pl!php3|php4|php5)
Thanks
Nuno
Posted at Nginx Forum:
Hello, I have some directories (cache, static, etc) that denies execution of some files. In these directories I have a .htaccess file with this rule: <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)"> Order allow,deny
nfn
November 20, 2010, 8:44pm
4
On 20 Nov 2010 19h31 WET, [email protected] wrote:
Olá Nuno,
root /var/www;
}
[/code]
How do I deny execution/read access to those files
(php|pl!php3|php4|php5)
Try this:
location ~* ^/(?:cache|static|etc)/..(?:pl|php[345] )$ {
return 404; # or 403
}
This directive should precede those that are “legal” in that location
(static, cache, etc).
— appa
nfn
November 20, 2010, 8:21pm
5
On 20 Nov 2010 19h00 WET, [email protected] wrote:
Deny from all
I would like to test nginx with php-fpm but I don’t know how to
rewrite these rules in nginx Can someone help me?
Also add this as your last location directive:
location ~* .(?:php|pl)$ {
return 404; # or 403 if you prefer.
}
Note that you should have defined the locations where it’s “legal” to
handle PHP and Perl before.
— appa
nfn
November 20, 2010, 8:51pm
6
Hello again,
Just test some rules and after some testing I have this:
location ~ ^/(cache|static|etc)/ {
root /var/www;
if ( $request_filename ~* "^.+\.(php|pl|php3|php4|php5)$" ) {
return 403;
}
}
Any advice?
Posted at Nginx Forum:
Hello, I have some directories (cache, static, etc) that denies execution of some files. In these directories I have a .htaccess file with this rule: <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)"> Order allow,deny
nfn
November 20, 2010, 9:06pm
7
Hi,
with your rule, if i try http://localhost/cache/static.html (file
exists) i get 404 error … even adding root /var/www.
Thanks
Posted at Nginx Forum:
Hello, I have some directories (cache, static, etc) that denies execution of some files. In these directories I have a .htaccess file with this rule: <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)"> Order allow,deny
nfn
November 20, 2010, 9:11pm
8
On 20 Nov 2010 19h50 WET, [email protected] wrote:
}
I don’t see why you need the if. If the order is correct in the config
file then a simple location will do. Without the if.
Does the root directive needs to be in this context? Can it be moved
to a server context or any other location above the current?
— appa
nfn
November 20, 2010, 11:28pm
9
Hello,
You rule it’s working now … It was on the wrong place.
Thanks
Posted at Nginx Forum:
Hello, I have some directories (cache, static, etc) that denies execution of some files. In these directories I have a .htaccess file with this rule: <Files ~ "^.*\.(php|cgi|pl|php3|php4|php5|php6|phtml|shtml)"> Order allow,deny
nfn
November 20, 2010, 9:15pm
10
On 20 Nov 2010 20h05 WET, [email protected] wrote:
Hi,
with your rule, if i try http://localhost/cache/static.html (file
exists) i get 404 error … even adding root /var/www.
Paste all the rules here. Only then can we see what’s going on.
— appa