1
0
mirror of https://github.com/phpbb/phpbb.git synced 2025-10-24 05:06:09 +02:00
Commit Graph

13 Commits

Author SHA1 Message Date
ftc2
8f97887683 [ticket/15385] nginx.sample.conf: www redirection, security regex
according to the latest wiki info:
    http://wiki.nginx.org/Pitfalls#Taxing_Rewrites
`return 301` is preferred over a rewrite.

also, the 'security' regex breaks some official extensions because it
will match and deny access to `/ext/phpbb`.
looking through the names of dirs and files containing `phpbb`, it
looks like the intent of the regex was to only disallow the folder
`phpbb` in the root dir and not other `/phpbb` matches.
a negative lookbehind was added to specifically not match `/ext/phpbb`
but still match other occurrences of `/phpbb`.

Tracker ticket: https://tracker.phpbb.com/browse/PHPBB3-15385
2017-10-01 22:57:21 -06:00
Marc Alexander
a2953cb10c Merge branch 'ticket/security-181' into ticket/security-181-rhea 2016-11-13 12:29:28 +01:00
Marc Alexander
7ba9b06881 [ticket/security-181] Port .htaccess changes to other webserver types
SECURITY-181
2016-11-13 11:50:23 +01:00
Marc Alexander
37b2791837 [ticket/14497] Support second app.php script in install folder
PHPBB3-14497
2016-02-25 15:34:32 +01:00
Marc Alexander
966c34d0ad [ticket/14271] Properly use try_files in nginx sample config
PHPBB3-14271
2015-11-10 08:32:51 +01:00
Marc Alexander
b27be0b857 [ticket/14271] Improve try_files and use split path info
PHPBB3-14271
2015-11-09 09:26:05 +01:00
Marc Alexander
27e95864a8 [ticket/14271] Update sample config
PHPBB3-14271
2015-11-05 16:55:19 +01:00
Andreas Fischer
062c951d33 Merge branch 'develop-olympus' into develop
* develop-olympus:
  [ticket/10079] Add gallery avatars to .gitignore.
  [ticket/10069] Improvements to sample nginx configuration.
2011-03-07 22:01:37 +01:00
Oleg Pudeyev
b343920071 [ticket/10069] Improvements to sample nginx configuration.
Most of these were contributed by burningbunny:

https://github.com/burningbunny

PHPBB3-10069
2011-03-06 18:22:13 -05:00
Oleg Pudeyev
9716cceb1b Merge branch 'develop-olympus' into develop
* develop-olympus:
  [ticket/10007] Add directive 'internal' to blocked folders in nginx config.
2011-01-26 05:45:45 -05:00
Andreas Fischer
a970219d61 [ticket/10007] Add directive 'internal' to blocked folders in nginx config.
The "deny" and "access" directives are IP-based in general. Both directives
only support IPv6 from nginx 0.8.22 onwards, on older versions of nginx those
directives have no effect on IPv6 requests. Thus they do not block access for
IPv6 requests.

Adding the "internal" directive blocks external access in general (both IPv4
and IPv6) and makes the web server return a status code 404 (Not Found)
response.

See:
http://nginx.org/en/CHANGES
http://wiki.nginx.org/HttpCoreModule#internal

PHPBB3-10007
2011-01-24 17:35:10 +01:00
Andreas Fischer
6bbdc129c0 [ticket/9790] Support for nginx's X-Accel-Redirect header for attachments.
PHPBB3-9790
2011-01-17 22:37:53 +01:00
Andreas Fischer
cdeffdd59f [ticket/9589] nginx.conf.sample -> nginx.sample.conf
PHPBB3-9589
2011-01-05 00:40:07 +01:00