undefined | Better HN

story

0 pointsnbpoole15y ago0 comments

If you do that, you have to be very careful. I actually did a writeup about this a few days ago that I posted on HN: https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-an...

tl:dr is that the configuration you're suggesting will leave a site open to arbitrary code execution if the site allows for user uploads.

0 comments

Thats not a full config, I did reference the documentation. I have a try_files line, as fcgi runs locally as it happens.

j / k navigate · click thread line to collapse

Thats not a full config, I did reference the documentation. I have a try_files line, as fcgi runs locally as it happens.

j / k navigate · click thread line to collapse