Articles tagged in nginx

  1. Securing PHP-FastCGI on Nginx

    Via Hacker News. Setting up PHP-FastCGI and nginx? Don’t trust the tutorials: check your configuration! I have in fact written quite a few tutorials and published automated scripts that are vulnerable. Seems the easiest way to prevent this issue is by adding a try_files statement (or a if (-f $request_filename) if Nginx -V < 0.7.27) into location ~ \.php block. For example

    location ~ \.php$ { # For nginx -V >= 0.7.27
      try_files $uri =404;
      fastcgi_pass localhost:8080;
      ...
    }
    location ~ \.php$ { # For nginx -V < 0.7.27, i.e. Debian 5
      if (-f $request_filename) {
        fastcgi_pass localhost:8080;
      }
      ...
    }
    
  2. WordPress.com From LiteSpeed to Nginx

    shyam: Goodbye Litespeed, hello Nginx, says Wordpress.com. Apparently the reason to ditch LiteSpeed for Nginx is, according to Matt M (but no quotes), that WordPress wants to run open source for their full stack. LiteSpeed is a nice (but expensive) async-IO based web server that provides full Apache compatibility (which is not that useful if you just want to serve a single app). Another blow to the proprietary software?