General FAQ/139/nl: Difference between revisions
From LimeSurvey Manual
(Created page with "# Toegang tot bekende map toestaan, verschillend gebruik, bijvoorbeeld: ACME Challenge for Let's Encrypt location ~ /\.well-known { allow all; } # Alle ben...") |
No edit summary |
||
Line 1: | Line 1: | ||
# | # Allow access to well-known directory, different usage, for example ACME Challenge for Let's Encrypt | ||
location ~ /\.well-known { | location ~ /\.well-known { | ||
allow all; | allow all; | ||
} | } | ||
# | # Deny all attempts to access hidden files | ||
# | # such as .htaccess, .htpasswd, .DS_Store (Mac). | ||
location ~ /\. { | location ~ /\. { | ||
deny all; | deny all; | ||
} | } | ||
# | #Disallow direct read user upload files | ||
location ~ ^/upload/surveys/.*/fu_[a-z0-9]*$ { | location ~ ^/upload/surveys/.*/fu_[a-z0-9]*$ { | ||
return 444; | return 444; | ||
} | } | ||
# | #Disallow uploaded potential executable files in upload directory | ||
location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ { | location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ { | ||
return 444; | return 444; | ||
} | } | ||
# | #avoid processing of calls to unexisting static files by yii | ||
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { | location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { | ||
try_files $uri =404; | try_files $uri =404; |
Latest revision as of 16:09, 28 March 2023
- Allow access to well-known directory, different usage, for example ACME Challenge for Let's Encrypt
location ~ /\.well-known { allow all; } # Deny all attempts to access hidden files # such as .htaccess, .htpasswd, .DS_Store (Mac). location ~ /\. { deny all; } #Disallow direct read user upload files location ~ ^/upload/surveys/.*/fu_[a-z0-9]*$ { return 444; } #Disallow uploaded potential executable files in upload directory location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ { return 444; } #avoid processing of calls to unexisting static files by yii location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ { try_files $uri =404; } location ~ \.php$ { fastcgi_split_path_info ^(.+\.php)(.*)$; try_files $uri index.php; fastcgi_pass 127.0.0.1:9000; # Change this to match your settings fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; }
}</syntaxhighlight>