Security issues with Nginx

Hey all

Im new to Nginx and wanted to know if any of you familiar with any Known
security issues in Nginx (for example:
http://cnedelcu.blogspot.co.il/2010/05/nginx-php-via-fastcgi-important.html)

Thanks
Joe

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,237336,237336#msg-237336

Hello!

On Thu, Mar 14, 2013 at 03:43:17AM -0400, Joe M wrote:

Hey all

Im new to Nginx and wanted to know if any of you familiar with any Known
security issues in Nginx (for example:
http://cnedelcu.blogspot.co.il/2010/05/nginx-php-via-fastcgi-important.html)

This was discussed here once discovered[1], and the conclusion is:
it’s not a security issue in nginx, but rather a misconfiguration
of php.

Making sure you’ve configured it correctly (i.e. switched off
cgi.fix_pathinfo=0 in php.ini) is a good idea though.

[1] http://mailman.nginx.org/pipermail/nginx/2010-May/020461.html


Maxim D.
http://nginx.org/en/donation.html

OK, great

Any other security issues or misconfiguration I should know about?

Thanks
Joe

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,237336,237345#msg-237345

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs