Difference between revisions of "Talk:Nginx"

Jump to: navigation, search
m
m
 
Line 14: Line 14:
 
http://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm
 
http://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm
  
I want to propose to add the information how to get Nginx working in MAMP.  
+
I want to propose to add the information how to get Nginx working in MAMP to be able to develop with the same server potentially used on a live site. I needed to research a long time to find this information.
  
 
For MAMP add the following two Lines on the Nginx settings page for »Additional parameters ...«
 
For MAMP add the following two Lines on the Nginx settings page for »Additional parameters ...«

Latest revision as of 08:54, 20 February 2019

I've removed the lines from this page instructing users to set the php configuration parameter cgi.fix-pathinfo=0

This line is included in a lot of on-line how-to guides for Nginx/PHP and is explained as a security restriction, see, here and here

In summary, within the context of Nginx and php-fpm the best(?) way to handle potential PATH_INFO vulnerabilities as described in those articles is to use the default behaviour of php-fpm, i.e. within,

/etc/php5/fpm/pool.d/www.conf (debianised)

security.limit_extensions = .php

Either way will work just fine, but this is one step less with no real down sides...

Links:
https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
http://serverfault.com/questions/627903/is-the-php-option-cgi-fix-pathinfo-really-dangerous-with-nginx-php-fpm

I want to propose to add the information how to get Nginx working in MAMP to be able to develop with the same server potentially used on a live site. I needed to research a long time to find this information.

For MAMP add the following two Lines on the Nginx settings page for »Additional parameters ...«

rewrite ^/(.*)/(.*\.php)(/)(.*)$ /$1/$2?file=/$4 last;
rewrite ^/(.*\.php)(/)(.*)$ /$1?file=/$3 last;