View Single Post
  #10  
Old 17th March 2013, 15:06
mottwsc mottwsc is offline
Junior Member
 
Join Date: Feb 2013
Posts: 9
Thanks: 1
Thanked 0 Times in 0 Posts
Default reposting config file

My mistake there on copying it from a doc (which had other comments) vs. the script. It does have a ; after that statement in the actual script. Just to be safe in communicating, though, I have copied it from the script on the server.

I thought a read somewhere that there had to be extra security statements within the php block, or maybe that the php block had to be within a larger block which had security statements - ever heard of this?

Thanks for any suggestions.

Code:
server {
    listen       80;
    server_name  mm201.myserver.com;

    root  /var/www/html;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
    #   root   /var/www/html;
    # this statement allows static content to be served first
        try_files $uri $uri/ /index.php

        index  index.php  index.html index.htm;
    }

    # protect the "secure" folder  ( /var/www/html/secure )
    location /secure/ {
    #   root  /var/www/html;
        auth_basic "Restricted";
        auth_basic_user_file /var/www/protected/.htpasswd;
    #   auth_basic_user_file /var/www/html/secure/.htpasswd;
    }

    # protect the "munin" folder  ( /var/www/html/munin ) and subfolders
    location ^~ /munin/ {
        auth_basic "Restricted";
        auth_basic_user_file /var/www/protected/.htpasswd;
    }

    error_page  404              /404.html;
    location = /404.html {
    #   root   /var/www/html;
    }

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
    #   root   /var/www/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
    #   root    /var/www/html;
        try_files $uri =404;
    # the above was inserted to block malicious code uploads, but nginx and
    # the php-fcgi workers must be on the same physical server

        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}
Reply With Quote