Correction : nginx : if is evil.

author Julien Moutinho <julm+heureux-cyclage@autogeree.net>

Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)

committer Julien Moutinho <julm+heureux-cyclage@autogeree.net>

Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)
author Julien Moutinho <julm+heureux-cyclage@autogeree.net>
Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)
committer Julien Moutinho <julm+heureux-cyclage@autogeree.net>
Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)
diff --git a/etc/nginx/site.d/cyclo-letabli/site.conf b/etc/nginx/site.d/cyclo-letabli/site.conf

index f0a2f14..a06f71b 100644 (file)
--- a/etc/nginx/site.d/cyclo-letabli/site.conf
+++ b/etc/nginx/site.d/cyclo-letabli/site.conf
@@ -50,10 +50,9 @@ location ~ \.php(|/.+)$ {
         fastcgi_pass_header Cookie;
         fastcgi_pass_header Set-Cookie;
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
         fastcgi_pass_header Cookie;
         fastcgi_pass_header Set-Cookie;
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
-       if (!-f $document_root$fastcgi_script_name) {
-               # This is a robust solution for path info security issue and works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default)
-               return 404;
-        }
+       try_files $fastcgi_script_name =404;
+               # Check for path info security issue
+
         
         fastcgi_pass unix:/run/php5/fpm/letabli;
   }
         
         fastcgi_pass unix:/run/php5/fpm/letabli;
   }
author	Julien Moutinho <julm+heureux-cyclage@autogeree.net>
	Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)
committer	Julien Moutinho <julm+heureux-cyclage@autogeree.net>
	Wed, 22 Oct 2014 01:52:44 +0000 (03:52 +0200)