Hello all!
I have configured a location that acts list a transparent proxying cache:
location /get
{
set $hostx "";
set $addrs "";
if ( $uri ~ "^/get/http./+([^/]+)/(.+)$") {
set $hostx $1;
set $addrs $2;
For the archives, I finally used the solution I document here:
http://forum.nginx.org/read.php?2,247532,247532#msg-247532
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,242944,247533#msg-247533
___
nginx mailing list
nginx@nginx.org
http://ma
Hello folks,
Maybe this will save some time to someone.
I have a setup where I serve a web application as follows:
* server A with nginx handles directly as much static content as possible
* only requests for URLs requesting dynamic processing go to server B
hosting the application server
This
Hello!
On Thu, Feb 13, 2014 at 7:50 AM, Reinis Rozitis wrote:
>> Does it enables to request fileA and be able to get fileA + fileB + file C
>> ?
>> Any code example (even the most basic) ?
>
> https://github.com/agentzh/echo-nginx-module#readme
> http://wiki.nginx.org/HttpEchoModule
>
These two l
Hi All,
I'm running nginx 1.4.1 on OpenBSD 5.4 stable along with php and php-fpm
version 5.3.27 and mysql 5.1.70 on two systems. I'm trying to install
piwigo-2.6.1 and running into an issue on of of the systems as indicated by
the subject.
When I access the site initially it takes me to the set
Hello, we are using NGINX to serve a combination of local and proxied content
coming from both an Apache server (mostly PHP content) and IIS 7.5 (a handful
of third party .Net applications). The proxy is working properly for the pages
themselves, but we wanted set up a separate location block fo
Anton,
I already had the same issue logging to NFS, but I'm curious about why
nginx hang in some nfs failures. Log phase is the last, if there is no post
action, so why nginx stop responding in some NFS failures? Do you think
that I can ease the situation tunning nfs client config, such as timeout
> No you're just addressing the cgi_fixpathinfo issue. If I manage to upload a
> file called owned.php
> I can execute it because you don't whitelist the scripts that can be
> executed.
So disabling PHP execution in user upload directories and using the
location block from the wiki should mitigate
No you're just addressing the cgi_fixpathinfo issue. If I manage to upload
a file called owned.php
I can execute it because you don't whitelist the scripts that can be
executed.
appa
On Thu, Feb 13, 2014 at 5:44 PM, Grant wrote:
> Does the wiki example mitigate the "Passing Uncontrolled R
Does the wiki example mitigate the "Passing Uncontrolled Requests to PHP" risk?
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
>> I noticed my distro doesn't include any of the following in
>> fastcgi_params and only the first of these in fastcgi.conf:
>>
>> SCRIPT_FILENAME
>> PATH_INFO
>> PATH_TRANSLATED
>>
>> They are all included in fastcgi_params in the example here:
>>
>> http://wiki.nginx.org/PHPFcgiExample
>>
>> Sho
Does it enables to request fileA and be able to get fileA + fileB + file C
?
Any code example (even the most basic) ?
https://github.com/agentzh/echo-nginx-module#readme
http://wiki.nginx.org/HttpEchoModule
rr
___
nginx mailing list
nginx@nginx.org
Hello !
I am not sure that I understood this sentence from
http://www.aosabook.org/en/nginx.html :
"However, nginx goes further—not only can filters perform multiple
subrequests and combine the outputs into a single response, but subrequests
can also be nested and hierarchical"
It is pretty clea
Hello!
On Thu, Feb 13, 2014 at 05:50:18AM -0800, Grant wrote:
> >> Is it OK to use a minimal fastcgi configuration for a single file like
> >> this:
> >>
> >> location ~ ^/piwik/piwik.php$ {
> >
> > It doesn't make sense to use regular expression here. Instead,
> > use exact match location:
> >
> Trivial and correct fix for the problem mentioned on the wiki is
> to properly configure php, with cgi.fix_pathinfo=0.
I didn't realize the PHP config should be changed for nginx. Are
there other important changes to make besides 'cgi.fix_pathinfo=0'?
- Grant
_
Hello!
On Thu, Feb 13, 2014 at 06:12:58AM -0800, Grant wrote:
> > The "fastcgi_index" directive is to instruct a fastcgi backend
> > which file to use if a request with an URI ending with "/" is
> > passed to the backend. That is, it makes sense in a configuration
> > like this:
> >
> > loca
>> No I mean the \.php regex based one.
>
> So now you probably know why top-posting is discouraged. ;)
>
>> It's just that it opens the door to a lot of problems by allowing all .php
>> scripts to be
>> processed.
>>
>> Furthermore it's even mentioned on the wiki Pitfalls page:
>> http://wiki.ngi
Hello!
On Thu, Feb 13, 2014 at 02:47:35PM +0100, António P. P. Almeida wrote:
> No I mean the \.php regex based one.
So now you probably know why top-posting is discouraged. ;)
> It's just that it opens the door to a lot of problems by allowing all .php
> scripts to be
> processed.
>
> Furthe
> The "fastcgi_index" directive is to instruct a fastcgi backend
> which file to use if a request with an URI ending with "/" is
> passed to the backend. That is, it makes sense in a configuration
> like this:
>
> location / {
> fastcgi_pass localhost:9000;
> fastcgi_index ind
If you want to run Piwik in a subdirectory of the webroot, then check this
post
on how to run Piwik and Drupal together.
The idea is the same for running Piwik with any other PHP based application.
https://groups.drupal.org/node/407348#comment-1012438
appa
On Thu, Feb 13, 2014 at 2:50 PM,
This means that if relying solely on nginx we need multiple regexes to
extract the parameters
(we need to match on both the unescaped and escaped characters)
or using Lua we can unescape and do string processing using the Lua
libraries to extract the parameters.
Correct?
appa
On Wed, Feb
>> Is it OK to use a minimal fastcgi configuration for a single file like this:
>>
>> location ~ ^/piwik/piwik.php$ {
>
> It doesn't make sense to use regular expression here. Instead,
> use exact match location:
>
> location = /piwik/piwik.php {
I'm only using one instance of location = or ^
No I mean the \.php regex based one.
It's just that it opens the door to a lot of problems by allowing all .php
scripts to be
processed.
Furthermore it's even mentioned on the wiki Pitfalls page:
http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP
appa
On Thu, Feb 13, 201
Hello!
On Thu, Feb 13, 2014 at 02:09:34PM +0100, António P. P. Almeida wrote:
> This type of configuration is insecure since there's no whitelisting of the
> PHP scripts to be processed.
You mean "location / { fastcgi_pass ... }"? This type of
configuration assumes that any files under "/" are
Hello Maxim,
I switched back to old nginxcp script which is running on
other server without issue and looks like error is vanished now. Nginx
reverse proxy in front of apache is working fine now.
Nginx version is 1.2.7
Will let you know in case of issue.
Regards.
Shahzaib
On
This type of configuration is insecure since there's no whitelisting of the
PHP scripts to be processed.
appa
On Thu, Feb 13, 2014 at 1:34 PM, Maxim Dounin wrote:
> Hello!
>
> On Wed, Feb 12, 2014 at 03:23:05PM -0800, Grant wrote:
>
> > I've found that if I don't specify:
> >
> > inde
Hello!
On Wed, Feb 12, 2014 at 02:39:41PM -0500, Jack Andolini wrote:
> Hi,
>
> First of all, my environment:
>
> - About 1.6 GB RAM, which doesn't seem to be a bottleneck because actually
> I'm barely using it.
> - CPU fast enough (I guess)
> - Ubuntu 12.0.4 (32 bits, probably thats irrelevant
Hello!
On Wed, Feb 12, 2014 at 03:26:21PM -0800, Grant wrote:
> Is it OK to use a minimal fastcgi configuration for a single file like this:
>
> location ~ ^/piwik/piwik.php$ {
It doesn't make sense to use regular expression here. Instead,
use exact match location:
location = /piwik/piwi
Hello!
On Wed, Feb 12, 2014 at 03:23:05PM -0800, Grant wrote:
> I've found that if I don't specify:
>
> index index.html index.htm index.php;
>
> in the server blocks where I use fastcgi, I can get a 403 due to the
> forbidden directory index. I would have thought 'fastcgi_index
> index.php;'
On Thu, Feb 13, 2014 at 02:00:48AM +0100, Jiang Web wrote:
> Francis Daly wrote in post #1136476:
Hi there,
> > getServerPort is not an nginx thing, and nginx probably cannot affect
> > what it reports.
> >
> > What do you do with the result of getServerPort?
> we get the last request url(in jav
30 matches
Mail list logo
