Unverified Commit dba338a6 authored by Alexis Leclerc's avatar Alexis Leclerc Committed by GitHub
Browse files

security issue in NGINX/php-fpm

Update nginx conf due to this security issue : https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

I'm not an expert of php-fpm so I've just applied the recommended corrections. I did the update on my own configuration and it works.
If something goes wrong on my side I'll inform you.
parent 539b5f66
......@@ -114,7 +114,7 @@ server {
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
rewrite ^ /index.php;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
......@@ -127,6 +127,7 @@ server {
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|core/templates/40[34])\.php(?:$|/) {
# include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment