[prev in list] [next in list] [prev in thread] [next in thread]
List: nginx
Subject: Whitelisting files with certain extensions
From: ST <smntov () gmail ! com>
Date: 2017-08-10 13:29:14
Message-ID: 1502371754.1654.28.camel () gmail ! com
[Download RAW message or body]
Hello,
we had following problem: one of the developers has saved a .php file
as .php.old. This file, if requested directly, was offered by nginx for
download and thus exposed. What is the right way to solve this?
1. initial idea was to whitelist all the legitimate file extensions that
we use and block the rest. Is this the right approach? If yes - what is
the best way to do this?
1.1 we have one directory that has legitimate files without any
extension that we also want to serve... how to make an exception for
this directory?
Thank you!
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic