From 09608ab8bb85770a49ffe9dc0379b6db4806c8f5 Mon Sep 17 00:00:00 2001
From: Matthieu Bessat
Date: Sun, 8 Aug 2021 19:53:02 +0200
Subject: [PATCH] fix: root path in nginx and forbid locations

---
 configure_nginx.php | 4 +---
 nginx.conf.template | 30 ++++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/configure_nginx.php b/configure_nginx.php
index f26006c..9837f79 100644
--- a/configure_nginx.php
+++ b/configure_nginx.php
@@ -20,10 +20,8 @@ foreach ($config['modules'] as $moduleName => $moduleConfig) {
 $domains = array_map(fn ($d) => $d . '.' . $config['domain'], $domains);
 $serverName = implode(' ', $domains);
 
- $rootPath = $appBasePath . '/' . $domains[0];
-
 $nginxConfig = $template;
- $nginxConfig = str_replace('{{ROOT_PATH}}', $rootPath, $nginxConfig);
+ $nginxConfig = str_replace('{{ROOT_PATH}}', $appBasePath, $nginxConfig);
 $nginxConfig = str_replace('{{SERVER_NAME}}', $serverName, $nginxConfig);
 $nginxConfig = str_replace('{{PHP_SOCKET}}', $phpSocket, $nginxConfig);
 
diff --git a/nginx.conf.template b/nginx.conf.template
index 7b59e82..10ac90f 100644
--- a/nginx.conf.template
+++ b/nginx.conf.template
@@ -5,6 +5,9 @@ server {
 location / {
 try_files $uri $uri/ /index.php?$args;
 }
+ location /config.php {
+ return 404;
+ }
 location ~ \.php$ {
 fastcgi_pass unix:{{PHP_SOCKET}};
 fastcgi_split_path_info ^(.+\.php)(/.+)$;
@@ -12,4 +15,31 @@ server {
 include fastcgi_params;
 fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
 }
+ location ^~ /wp-admin {
+ return 403;
+ }
+ location ^~ /super-cool-page {
+ return 403;
+ }
+ location ^~ /load_config.php {
+ return 403;
+ }
+ location ^~ /config.php {
+ return 403;
+ }
+ location ^~ /config.example.php {
+ return 403;
+ }
+ location ^~ /utils.php {
+ return 403;
+ }
+ location ^~ /tmp {
+ return 403;
+ }
+ location ^~ /modules {
+ return 403;
+ }
+ location ^~ /configure_nginx.php {
+ return 403;
+ }
 }
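Review bot: Filling `{{ROOT_PATH}}` with `$appBasePath` makes every generated server block serve the application directory itself, so, judging by the paths denied in nginx.conf.template, config.php, load_config.php, utils.php and this generator now sit inside the web root. They stay private only as long as the deny list in the last hunk of that template names them; a dotfile, a backup copy or a script added later is reachable by default. I would point the root at a dedicated public subdirectory that holds only index.php and static assets, e.g. `$nginxConfig = str_replace('{{ROOT_PATH}}', $appBasePath . '/<PUBLIC_DIR>', $nginxConfig);`, with `<PUBLIC_DIR>` a placeholder for whatever name the project picks. The enclosing foreach body starts and ends outside this hunk.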
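Review bot: `location /config.php` is a plain prefix location, so nginx still goes on to test the regex locations, and `location ~ \.php$` right below matches the same URI and wins; on its own this block never returns the 404. The last hunk of this file adds `location ^~ /config.php`, which is the form that does stop the regex search, and as far as I know nginx refuses to load two prefix locations with the same path ("duplicate location"), which `nginx -t` on a generated file will confirm. I would drop this block and keep a single rule, either `location = /config.php { return 404; }` or the `^~` one, and settle on one status code for it.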
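Review bot: Blocking internal scripts one by one leaves the `location ~ \.php$` block (context above these added lines) free to hand any other `.php` file under the root to PHP-FPM, and nothing here covers hidden files. Since `try_files` already routes every request to `/index.php`, execution can be limited to that one script, assuming it is the only intended entry point; the five per-file `.php` entries then become unnecessary, while `/tmp` and `/modules` stay. The server block opens outside this hunk.

```nginx
# Only the front controller is executed; try_files already routes every request to it.
location = /index.php {
    # … unchanged: fastcgi_pass, fastcgi_split_path_info, include and SCRIPT_FILENAME lines from the current \.php$ block …
}
# Any other script under the root is refused instead of being passed to PHP-FPM.
location ~ \.php$ {
    return 404;
}
# Hidden files and directories are never served.
location ~ /\. {
    return 404;
}
```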