Hello! On Mon, Apr 03, 2017 at 09:21:10AM -0400, [email protected] wrote:
> We are testing using nginx as a file cache in front of our app, but the > contents of the proxy cache directory are readable to any body who has > access to the machine. Is there a way to encrypt the files stored in the > proxy cache folder so that it' not exposed to the naked eye but nginx > decrypts it on the fly before serving it to the user. Files in the proxy cache folder are protected using normal access control, nginx uses 0600 access mask for all cache files and directories. They aren't expected to be readable by anyone except nginx itself. This is believed to be enough to prevent any unauthorized access on software level. If you also want to protect data from attackers with physical access to the server, consider using disk encryption and/or filesystem-level encryption. It is not likely to solve the problem completely, but may help in some simple cases. -- Maxim Dounin http://nginx.org/ _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
