From 67eaa300177edc89931efc469424ede2cc3ff849 Mon Sep 17 00:00:00 2001
From: Jeremy MANSON <jeremy-manson@jmanson.fr>
Date: Fri, 25 Oct 2019 08:39:06 +0200
Subject: [PATCH] Urgent security issue in NGINX/php-fpm

more information here  : https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/
---
 conf/nginx.conf | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 6c5d7ec..ec7954b 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -47,7 +47,7 @@ location ^~ __PATH__/ {
   #rewrite ^/.well-known/host-meta.json __PATH__/public.php?service=host-meta-json last;
 
   location __PATH__/ {
-    rewrite ^ __PATH__/index.php$request_uri;
+    rewrite ^ __PATH__/index.php;
   }
 
   location = __PATH__/robots.txt {
@@ -66,6 +66,7 @@ location ^~ __PATH__/ {
   location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+)\.php(/.*|)$ {
     include fastcgi_params;
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
+    try_files $fastcgi_script_name =404;
     fastcgi_param SCRIPT_FILENAME $request_filename;
     fastcgi_param PATH_INFO $fastcgi_path_info;
     fastcgi_param HTTPS on;