Re: Nginx with PHP on Windows

2014-11-10 Thread itpp2012
It makes no difference as this combo;
root '/path/';
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
open_basedir = '/path/'
doc_root = '/path/'
Next to jailing, this boxes everything in. With location /.../ '.php' you fine-tune where scripts live which may be run. I'd le

Re: Nginx with PHP on Windows

2014-11-09 Thread c0nw0nk
Should I have cgi.force_redirect enabled or disabled with Nginx, because everywhere I look sort of contradicts each other. Some say have it enabled, some say have it disabled, and this site has two separate security posts that say you should have it disabled in one then enabled in another? http://ww

Re: Nginx with PHP on Windows

2014-11-09 Thread c0nw0nk
Well yeah, you only need a WAF if your web application or server is insecure in some way, but you also have to look at the extra benefit it holds, which is if you are using public web-based apps such as Drupal, Wordpress, Joomla, ClipBucket, any kind of content management system, because they are open s

Re: Nginx with PHP on Windows

2014-11-09 Thread itpp2012
A WAF, even the simple one we supply in /conf, is only a tool for an application-fool :) Both take some white-listing experience before it all works but also require more than basic knowledge to prevent legitimate posts from getting blocked. You might read through https://groups.google.com/forum/

Re: Nginx with PHP on Windows

2014-11-09 Thread c0nw0nk
Thanks itpp2012, I also am curious if there are any specific or recommended naxsi firewall configs or things to use too, other than the default config you supply with your builds? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,254701,254703#msg-254703

Re: Nginx with PHP on Windows

2014-11-09 Thread itpp2012
Apart from those settings, jailing php just like nginx as we do with 'Install_nginx_php_services.zip' and following its advice about further jailing, there is only one thing you could do and that's create more php jailed users, one for each instance and jailing them to their environment (www.sitea.

Nginx with PHP on Windows

2014-11-09 Thread c0nw0nk
So I am curious on the security impacts on a Windows server running nginx and php, and if you have the following php.ini settings disabled. "cgi.force_redirect = 0" I saw itpp2012 posted the following
[PATH=s:/webroot/domain.nl]
open_basedir = s:/webroot/domain.nl
doc_root = s:/webroot/domain.nl
e