From ab61feb3ab92ef918e0795d71e528fe2931ed482 Mon Sep 17 00:00:00 2001 From: Alexandre Aubin Date: Sun, 25 Oct 2020 11:51:40 +0100 Subject: [PATCH] Update nginx.conf to protect against path traversal issue --- conf/nginx.conf | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 45ea394..f69353a 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -28,7 +28,9 @@ # You have PHP FastCGI Process Manager (php5-fpm) running on localhost # You have Friendica installed in /var/www/friendica ## -location __PATH__ { + +#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; +location __PATH__/ { alias __FINALPATH__/; if ($scheme = http) {