maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Fixing vuln. in php + nginx - config, thx altmir for reporting, fixes #980

Browse Source 
Signed-off-by: Florian Aders (EleRas) <eleras@froxlor.org>
This commit is contained in:
Florian Aders (EleRas)
2011-11-19 11:39:40 +01:00
parent 6e4121d9bb
commit a177c0558e
2 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/jobs/cron_tasks.inc.http.30.nginx.php
View File

@@ -619,6 +619,8 @@ class nginx
if($domain['phpenabled'] == '1')
{
$phpopts = "\t".'location ~ \.php$ {'."\n";
$phpopts.= "\t\t".'try_files $uri =404;'."\n";
$phpopts.= "\t\t".'fastcgi_split_path_info ^(.+\.php)(/.+)$;'."\n";
$phpopts.= "\t\t".'fastcgi_index index.php;'."\n";
//$phpopts.= "\t\t".'fastcgi_pass ' . $this->settings['system']['nginx_php_backend'] . ';' . "\n";
//$phpopts.= "\t\t".'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;'."\n";

2
scripts/jobs/cron_tasks.inc.http.35.nginx_phpfpm.php
View File

@@ -38,6 +38,8 @@ class nginx_phpfpm extends nginx
$phpconfig = $php->getPhpConfig((int)$domain['phpsettingid']);
$php_options_text = "\t".'location ~ \.php$ {'."\n";
$php_options_text.= "\t\t".'try_files $uri =404;'."\n";
$php_options_text.= "\t\t".'fastcgi_split_path_info ^(.+\.php)(/.+)$;'."\n";
$php_options_text.= "\t\t".'fastcgi_pass unix:' . $php->getInterface()->getSocketFile() . ';' . "\n";
$php_options_text.= "\t\t".'fastcgi_index index.php;'."\n";
$php_options_text.= "\t\t".'fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;'."\n";