fatfree icon indicating copy to clipboard operation
fatfree copied to clipboard

Published 20 hours ago verified publisher icon bcosca

The nginx sample config security issue

Open ptejada opened this issue 7 years ago • 3 comments

The sample nginx setup should include the rule to block all .ini files.

ptejada avatar Jan 14 '18 19:01 ptejada

normally you won't place them in the www-folder, would you?

KOTRET avatar Jan 15 '18 06:01 KOTRET

The apache htaccess file in the project does include the directive to prevent the server from serving ini files, why not included the same for the nginx example?

ptejada avatar Jan 15 '18 17:01 ptejada

The same applies to the tmp directory which is within the docroot.

sdragnev avatar Feb 26 '21 14:02 sdragnev