Facebook
TwitterKazimierasS
New Pleskian
hi,
i have disabled apache support for my application and added custom directives via "Additional nginx directives"
but byt the look of it they're being ignored and i can directly go into http://blablabla.com/application/secret.php and i would expect to get denied by rule
2017/11/02 23:26:01 [error] 4712#0: *1 access forbidden by rule, client
but instead i receive 200 No direct script access allowed
is there any way to workaround this and make it work as expected ?
i have disabled apache support for my application and added custom directives via "Additional nginx directives"
but byt the look of it they're being ignored and i can directly go into http://blablabla.com/application/secret.php and i would expect to get denied by rule
2017/11/02 23:26:01 [error] 4712#0: *1 access forbidden by rule, client
but instead i receive 200 No direct script access allowed
Code:
[root@vps463584 conf]# pwd
/var/www/vhosts/system/blablabla.com/conf
[root@vps463584 conf]# cat vhost_nginx.conf
location / {
try_files $uri $uri/ /index.php;
}
location ~ /__misc/(.*)\.(conf|sql|zip|gz|rar)$ {
deny all;
}
location ~ /system/(.*)\.php$ {
deny all;
}
location ~ /application/(.*)\.php$ {
deny all;
}
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:///var/www/vhosts/system/blablabla/php-fpm.sock;
try_files $uri =404;is there any way to workaround this and make it work as expected ?
