Chapter 6
include fastcgi_private_files.conf;
fastcgi_pass 127.0.0.1:9000;
}
}
# Replicate the Apache directive of Drupal's standard .htaccess.
# Disable access to any code files. Return a 404 to curtail
# information disclosure. Also hide the text files.
location ~ ^(?:.+\.(?:htaccess|make|txt|engine|inc|info|install|module|profile|po|sh|.*sql|test|theme|tpl(?:\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ {
    return 404;
}
# First we try the URI and relay to the /index.php?q=$uri&$args if not found.
try_files $uri @drupal;
# (Drupal 6) First we try the URI and relay to the
# /index.php?q=$no_slash_uri&$args if not found. (use only one)
# nginx rejects a second try_files in the same location, so this variant
# stays commented out unless it replaces the line above.
# try_files $uri /index.php?q=$no_slash_uri&$args;
} # default location ends here
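Why the dots in the deny-list pattern of the `return 404` location must be escaped, as an added example that is not from the book or from the Drupal configuration it describes: the Python check below runs the pattern with and without the backslashes over constructed sample URIs. The helper names and the URIs are assumptions made for the illustration.

```python
import re

# Extension deny-list from the "return 404" location, with literal dots escaped.
# The pattern uses only syntax that PCRE (nginx) and Python's re share.
EXTS = (r"htaccess|make|txt|engine|inc|info|install|module|profile|po|sh"
        r"|.*sql|test|theme|tpl(?:\.php)?|xtmpl")
TAIL = r"/Entries.*|/Repository|/Root|/Tag|/Template"
ESCAPED = re.compile(r"^(?:.+\.(?:" + EXTS + r")|code-style\.pl|" + TAIL + r")$")
# Same pattern with the backslashes dropped: each "." now matches any character.
UNESCAPED = re.compile(ESCAPED.pattern.replace("\\.", "."))

# Constructed sample request URIs (not taken from the page).
SAMPLE_URIS = [
    "/modules/node/node.module",  # code file
    "/page.tpl.php",              # template source
    "/backup/dump.sql",           # database dump
    "/.htaccess",
    "/CHANGELOG.txt",             # version disclosure
    "/robots.txt",                # also hidden: it is a .txt file
    "/index.php",                 # front controller, must stay reachable
    "/node/42",
    "/blog/my-new-theme",         # clean URL that merely ends in "theme"
    "/user/reset/test",           # clean URL that merely ends in "test"
]

def status(pattern, uri):
    """404 if the regex location would match the URI, else None (try_files handles it)."""
    return 404 if pattern.search(uri) else None

def overblocked(uris):
    """URIs that only the unescaped pattern rejects, i.e. legitimate pages lost to a 404."""
    return [u for u in uris
            if status(UNESCAPED, u) == 404 and status(ESCAPED, u) is None]

if __name__ == "__main__":
    for uri in SAMPLE_URIS:
        print(f"{uri:28} escaped={status(ESCAPED, uri)} unescaped={status(UNESCAPED, uri)}")
    print("over-blocked without escaping:", overblocked(SAMPLE_URIS))
```

Running the same table against a staging server's access log shows which real paths the rule hides before it goes live.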
# Restrict access to the strictly necessary PHP files. Reducing the
# scope for exploits. Handling of PHP code and the Drupal event loop.
location @drupal {
    # Include the FastCGI config.
    include fastcgi_drupal.conf;
    fastcgi_pass 127.0.0.1:9000;
}
location @drupal-no-args {