Last active
January 8, 2021 07:04
-
-
Save BrianGilbert/e9a7aaf555bdfb8d3844 to your computer and use it in GitHub Desktop.
nginx configuration for OJS on an aegir box
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
####################################################### | |
### nginx compact ojs configuration start | |
####################################################### | |
location ~ /\.ht { | |
deny all; | |
} | |
location ~ ^/cache(.*)$ { | |
deny all; | |
} | |
location ~ ^/index.php($|/) { | |
fastcgi_split_path_info ^(.*?\.php)(/.*)$; | |
fastcgi_pass 127.0.0.1:9000; | |
include fastcgi_params; | |
fastcgi_index index.php; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_param PATH_INFO $fastcgi_path_info; | |
} | |
### | |
### serve & no-log static files & images directly | |
### | |
location ~* ^.+\.(css|js|xml|jpg|jpeg|gif|png|ico|swf|pdf|doc|xls|tiff|tif|txt|shtml|cgi|bat|pl|dll|asp|exe|class|htm|html)$ { | |
access_log off; | |
expires 30d; | |
try_files $uri =404; | |
} | |
### | |
### serve & log bigger media/static/archive files directly | |
### | |
location ~* ^.+\.(avi|mpg|mpeg|mov|wmv|mp3|mp4|m4a|flv|wav|midi|zip|gz|rar)$ { | |
expires 30d; | |
try_files $uri =404; | |
} | |
####################################################### | |
### nginx compact ojs configuration end | |
####################################################### |
Seems to work thank you.
Tried this one first but it did not work https://forum.pkp.sfu.ca/t/ojs3-on-nginx-php7-0-fpm/28590 (Just tried the nginx config)
Note: Restful URLS must be configured off.
Unless doing the necessary modifications it seems.
cgi.fix_pathinfo=1
security.limit_extensions = .php
disable_path_info = Off
Among others like limiting the kinds of functions that can be executed which the URL above mentions.
Also forbid access to .git if its present in uploaded files.
location ~ /\.git {
deny all;
}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It's not worked, any update?