Hi.
Our login page accepts a query parameter called client_id. Suppose we have
three applications and their respective client_ids are:
client_id=external-app
client_id=internal-app1
client_id=internal-app2
You may guess... behind the scene we do an oauth login that's why
"client_id" is in the ur
Hello!
On Wed, Aug 03, 2016 at 07:07:53PM +0200, B.R. wrote:
> I disagree: it is a good feature to check for script file existence before
> calling PHP on it with something like:
> try_files [...] =404;
> It helps mitigating attacks by avoiding to pave the way to undue files
> being interpreted.
Not sure if it's the heat and I'm tired...
Had access logs off for a long time. Decided to start it up again to try
and track down a bot issue.
Added access_log /var/log/nginx/access.log; to my server config.
Restarted. It creates a log file. Notice it has root:root permissions,
while the er
Looks like, its working now. Added root directive under server {} section &
link got loaded into the browser though 403 still occurs in terminal when
calling with curl (not much to worry about i guess) .
On Wed, Aug 3, 2016 at 10:17 PM, shahzaib mushtaq
wrote:
> H,
>
> Can you please help to fix
H,
Can you please help to fix it ? expire= is already fixed but issue still
persists.
Regards.
Shahzaib
On Wed, Aug 3, 2016 at 9:30 PM, shahzaib mushtaq
wrote:
> Hi,
>
> Thanks for response though i already had fixed this mistake, during
> copy/paste the commands on this forum made a typo. Her
I disagree: it is a good feature to check for script file existence before
calling PHP on it with something like:
try_files [...] =404;
It helps mitigating attacks by avoiding to pave the way to undue files
being interpreted.
That only works if the filesystem containing PHP scripts is accessible f
Hi,
Thanks for response though i already had fixed this mistake, during
copy/paste the commands on this forum made a typo. Here you can see i've
created date + md5 but still 403 error :
http://prntscr.com/c1690d
On Wed, Aug 3, 2016 at 9:21 PM, Maxim Dounin wrote:
> Hello!
>
> On Wed, Aug 03, 2
Hello!
On Wed, Aug 03, 2016 at 08:38:36PM +0500, shahzaib mushtaq wrote:
> Hi,
>
> We've configured nginx --with-http_secure_link_module to secure the mp4
> links. Currently we're testing it with very basic settings. Following is
> brief explanation of our lab :
>
> A test.mp4 file is located u
Hi,
We've configured nginx --with-http_secure_link_module to secure the mp4
links. Currently we're testing it with very basic settings. Following is
brief explanation of our lab :
A test.mp4 file is located under directory /tunefiles/files/test.mp4 . Our
objective is to access this file over secu
Hello!
On Tue, Aug 02, 2016 at 05:55:13PM +0200, Matthias Fechner wrote:
> Am 01.08.2016 um 00:53 schrieb Maxim Dounin:
> > The auth_digest module is a 3rd party one. And the message
> > suggests there is a bug in it, or it's not compatible with the
> > current version of nginx.
> >
> > You ma
10 matches
Mail list logo