tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 12:05:37 +00:00
Code Issues Projects Releases Wiki Activity

Remove module blacklist

Browse Source 
- It's not necessary, as SilverStripe returns a not-found page when an
  attempt is made to retrieve a file directly from a module.
- Also format as a fenced code block and style as nginx.
This commit is contained in:
Fred Condo 2018-01-24 15:53:23 -08:00
parent de25c93b75
commit 8f91f35526
1 changed files with 63 additions and 71 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/en/00_Getting_Started/01_Installation/How_To/Configure_Nginx.md
View File

@ -18,7 +18,8 @@ Especially be aware of [accidental php-execution](https://nealpoole.com/blog/201
But enough of the disclaimer, on to the actual configuration — typically in `nginx.conf`:
server {
```nginx
server {
include mime.types;
default_type application/octet-stream;
client_max_body_size 0; # Manage this in php.ini
@ -54,17 +55,7 @@ But enough of the disclaimer, on to the actual configuration — typically in `n
include fastcgi_params;
}
# Core denial (change mysite if you use a different name)
location ~ /(mysite|framework|cms)/.*\.(php|php3|php4|php5|phtml|inc)$ {
deny all;
}
# Modules denial (edit the regex to match your installed modules)
location ~ /(buildtools|colorpicker|docsviewer|editlock|geoip|googlesitemaps|mathspamprotection|sortablegridfield|spamprotection|testsession|userforms)/.*\.(php|php3|php4|php5|phtml|inc)$ {
deny all;
}
# Other denials
# Denials
location ~ /\.. {
deny all;
}
@ -94,7 +85,8 @@ But enough of the disclaimer, on to the actual configuration — typically in `n
location ~* /(cms|framework)/silverstripe_version$ {
deny all;
}
}
}
```
The above configuration sets up a virtual host `example.com` with
rewrite rules suited for SilverStripe. The location block for framework