Actions

Translations

General FAQ/70/nl: Difference between revisions

From LimeSurvey Manual

No edit summary
No edit summary
Line 14: Line 14:
     }
     }
     #Disallow uploaded potential executable files in upload directory
     #Disallow uploaded potential executable files in upload directory
     location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$
     location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ {
         return 444;
         return 444;
     }
     }

Revision as of 14:12, 10 May 2019

Message definition (General FAQ)
<syntaxhighlight lang="apache">server {
   set $host_path "/PATH/TO/LIMESURVEY";
   server_name  YOUR.SERVER.FQDN;
   root /PATH/TO/LIMESURVEY;
   charset utf-8;
   try_files $uri /index.php?$uri&$args;
   # Disallow reading inside php script directory, see issue with debug > 1 on note
   location ~ ^/(application|docs|framework|locale|protected|tests|themes/\w+/views) {
       deny  all;
   }
   # Disallow reading inside runtime directory
   location ~ ^/tmp/runtime/ {
       deny  all;
   }
server {
    set $host_path "/PATH/TO/LIMESURVEY";
    server_name  YOUR.SERVER.FQDN;
    root /PATH/TO/LIMESURVEY;
    charset utf-8;
    try_files $uri $uri/ /index.php?r=$uri&$args;
    #Disallow reading inside php script directory, see issue with debug > 1 on note
    location ~ ^/(application|protected|framework|themes/\w+/views) {
        deny  all;
    }
    #Disallow direct read user upload files
    location ~ ^/upload/surveys/.*/fu_[a-z0-9]*$ {
        return 444;
    }
    #Disallow uploaded potential executable files in upload directory
    location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ {
        return 444;
    }
    #avoid processing of calls to unexisting static files by yii
    location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
        try_files $uri =404;
    }
    location ~ \.php$ {
        fastcgi_split_path_info  ^(.+\.php)(.*)$;
        try_files $uri index.php;
        fastcgi_pass   127.0.0.1:9000; # Change this to match your settings
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        fastcgi_param  SCRIPT_NAME      $fastcgi_script_name;
    }
}