nginx: secure php sources by default config

Question

Mistakes in the php {} part of vhost configuration files make php files to be "readable" with its source code like text files

Is there a global setting, e.g. in the default config to forbid accessing php files without fastcgi?

score 0 · Accepted Answer · answered Jun 20 '12 at 10:03

0

You could just use:

 location ~ \.php$ {
    deny all;
 }

in case you want to make php files to be not accessible server wide or:

 location ~ /path/to/dir/(.+)\.php$ {
    deny all;
 }

For a specific location.

answered Jun 20 '12 at 10:03

Logic Wreck

This overwrites the other location php section (or is ignored). – ledy Jun 21 '12 at 07:06
This is the normal thing to do if you want to ignore php files. In order to know more, the full config needs to be present so to check all the aspects. – Logic Wreck Jun 21 '12 at 10:26

1 Answers1