Hi,
I have a question with this POC:
> location /protected/ {
> deny all;
> }
>
> location ~ \.php$ {
> fastcgi_pass ...
> }
These locations own different priorities,
http://nginx.org/en/docs/http/ngx_http_core_module.html#location
I think every request like “/protected/hello.php” can bypass this security
restriction like “location /protected {deny all;}”.
Is there something wrong with this POC description or something I
misunderstand? Thanks.
Regards.
yzprofile
>
>
_______________________________________________
nginx mailing list
[email protected]
http://mailman.nginx.org/mailman/listinfo/nginx
