the-nine-worlds/loki
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix nginx security issue https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

Browse Source
This commit is contained in:
Wojciech Kozlowski 2019-11-14 22:44:53 +08:00
parent e0bae63e76
commit f1594392e1
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
nextcloud/nginx.conf
View File

@ -84,7 +84,7 @@ http {
#pagespeed off; #pagespeed off;
location / { location / {
rewrite ^ /index.php$request_uri; rewrite ^ /index.php
} }
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
@ -96,12 +96,14 @@ http {
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) { location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$; fastcgi_split_path_info ^(.+\.php)(/.*)$;
try_files $fastcgi_script_name =404;
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on; fastcgi_param HTTPS on;
#Avoid sending the security headers twice #Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true; fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true; fastcgi_param front_controller_active true;
fastcgi_pass php-handler; fastcgi_pass php-handler;
fastcgi_intercept_errors on; fastcgi_intercept_errors on;