Hello! On Thu, Mar 14, 2013 at 03:43:17AM -0400, Joe M wrote:
> Hey all > > Im new to Nginx and wanted to know if any of you familiar with any Known > security issues in Nginx (for example: > http://cnedelcu.blogspot.co.il/2010/05/nginx-php-via-fastcgi-important.html) This was discussed here once discovered[1], and the conclusion is: it's not a security issue in nginx, but rather a misconfiguration of php. Making sure you've configured it correctly (i.e. switched off cgi.fix_pathinfo=0 in php.ini) is a good idea though. [1] http://mailman.nginx.org/pipermail/nginx/2010-May/020461.html -- Maxim Dounin http://nginx.org/en/donation.html _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
