General FAQ/70/nl: Difference between revisions
From LimeSurvey Manual
No edit summary |
No edit summary |
||
Line 14: | Line 14: | ||
} | } | ||
#Disallow uploaded potential executable files in upload directory | #Disallow uploaded potential executable files in upload directory | ||
location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ | location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ { | ||
return 444; | return 444; | ||
} | } |
Revision as of 14:12, 10 May 2019
server {
set $host_path "/PATH/TO/LIMESURVEY";
server_name YOUR.SERVER.FQDN;
root /PATH/TO/LIMESURVEY;
charset utf-8;
try_files $uri $uri/ /index.php?r=$uri&$args;
#Disallow reading inside php script directory, see issue with debug > 1 on note
location ~ ^/(application|protected|framework|themes/\w+/views) {
deny all;
}
#Disallow direct read user upload files
location ~ ^/upload/surveys/.*/fu_[a-z0-9]*$ {
return 444;
}
#Disallow uploaded potential executable files in upload directory
location ~* /upload/.*\.(pl|cgi|py|pyc|pyo|phtml|sh|lua|php|php3|php4|php5|php6|pcgi|pcgi3|pcgi4|pcgi5|pcgi6|icn)$ {
return 444;
}
#avoid processing of calls to unexisting static files by yii
location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {
try_files $uri =404;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
try_files $uri index.php;
fastcgi_pass 127.0.0.1:9000; # Change this to match your settings
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
}