tonyair/silverstripe-framework
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-framework synced 2024-10-22 14:05:37 +02:00
Code Issues Projects Releases Wiki Activity

Add defense against SS-2015-013 to nginx example

Browse Source
This commit is contained in:
Fred Condo 2015-05-28 17:00:33 -07:00
parent 25f2689833
commit 9efc384582
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
docs/en/00_Getting_Started/01_Installation/How_To/Configure_Nginx.md
View File

@ -8,12 +8,14 @@ able to run PHP files via the FastCGI-wrapper from Nginx.
Now you need to set up a virtual host in Nginx with configuration settings
that are similar to those shown below.
<div class="notice" markdown='1'>
If you don't fully understand the configuration presented here, consult the
[nginx documentation](http://nginx.org/en/docs/).
Especially be aware of [accidental php-execution](https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ "Don't trust the tutorials") when extending the configuration.
</div>
But enough of the disclaimer, on to the actual configuration — typically in `nginx.conf`:
server {
@ -22,6 +24,11 @@ But enough of the disclaimer, on to the actual configuration — typically in `n
server_name site.com www.site.com;
# Defend against SS-2015-013 -- http://www.silverstripe.org/software/download/security-releases/ss-2015-013
if ($http_x_forwarded_host) {
return 400;
}
location / {
try_files $uri /framework/main.php?url=$uri&$query_string;
}