Hey all
Im new to Nginx and wanted to know if any of you familiar with any Known
security issues in Nginx (for example:
Nginx & PHP via FastCGI important security issue)
Thanks
Joe
Posted at Nginx Forum:
Hello!
On Thu, Mar 14, 2013 at 03:43:17AM -0400, Joe M wrote:
Hey all
Im new to Nginx and wanted to know if any of you familiar with any Known
security issues in Nginx (for example:
Nginx & PHP via FastCGI important security issue)
This was discussed here once discovered[1], and the conclusion is:
it’s not a security issue in nginx, but rather a misconfiguration
of php.
Making sure you’ve configured it correctly (i.e. switched off
cgi.fix_pathinfo=0 in php.ini) is a good idea though.
[1] nginx 0day exploit for nginx + fastcgi PHP
–
Maxim D.
http://nginx.org/en/donation.html
OK, great
Any other security issues or misconfiguration I should know about?
Thanks
Joe
Posted at Nginx Forum: