Commit 5133c92d authored by memtkmcc's avatar memtkmcc Committed by colan

Issue #2768725 by memtkmcc, colan: Started blocking httpoxy attacks.

parent e4505b3a
......@@ -58,6 +58,10 @@ server {
server {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param MAIN_SITE_NAME <?php print $this->uri; ?>;
set $main_site_name "<?php print $this->uri; ?>";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
......
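Review bot: The `fastcgi_param HTTP_PROXY "";` line added after `include fastcgi_params;` sits at `server` level, and nginx inherits `fastcgi_param` from an outer level only into blocks that declare no `fastcgi_param` of their own. Any location in this vhost that sets its own parameters would therefore still pass a client `Proxy` header to PHP as `HTTP_PROXY`. Those locations are outside the hunk, so this needs checking against the full template. The same applies to the identical addition in the last section (`@@ -24,6 +24,10 @@`). I would extend the comment to record the constraint, e.g. `# Clear the client Proxy header (https://httpoxy.org/); repeat in every block that sets its own fastcgi_param.`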
......@@ -92,6 +92,8 @@ if ($nginx_has_upload_progress) {
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
fastcgi_param REDIRECT_STATUS 200;
fastcgi_index index.php;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
<?php endif; ?>
## Size Limits
......
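Review bot: The added `fastcgi_param HTTP_PROXY "";` sits directly before `<?php endif; ?>`, so it is rendered only when the enclosing PHP condition holds, and that condition opens outside the hunk. If the other branch can still produce FastCGI parameters at this level, that configuration would be generated without the override. Please confirm that the whole FastCGI block lives inside the same condition. If it does, a short comment such as `# Inside the same conditional as the other fastcgi_param lines on purpose.` would save the next reader the check.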
......@@ -282,6 +282,9 @@ location ^~ /<?php print $subdir; ?> {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param db_type <?php print urlencode($db_type); ?>;
fastcgi_param db_name <?php print urlencode($db_name); ?>;
fastcgi_param db_user <?php print urlencode($db_user); ?>;
......@@ -745,6 +748,9 @@ location ^~ /<?php print $subdir; ?> {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param db_type <?php print urlencode($db_type); ?>;
fastcgi_param db_name <?php print urlencode($db_name); ?>;
fastcgi_param db_user <?php print urlencode($db_user); ?>;
......@@ -944,6 +950,9 @@ location ^~ /<?php print $subdir; ?> {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param db_type <?php print urlencode($db_type); ?>;
fastcgi_param db_name <?php print urlencode($db_name); ?>;
fastcgi_param db_user <?php print urlencode($db_user); ?>;
......@@ -1020,6 +1029,9 @@ location ^~ /<?php print $subdir; ?> {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param db_type <?php print urlencode($db_type); ?>;
fastcgi_param db_name <?php print urlencode($db_name); ?>;
fastcgi_param db_user <?php print urlencode($db_user); ?>;
......@@ -1165,6 +1177,9 @@ location @allowupdate_<?php print $subdir_loc; ?> {
<?php endif; ?>
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param db_type <?php print urlencode($db_type); ?>;
fastcgi_param db_name <?php print urlencode($db_name); ?>;
fastcgi_param db_user <?php print urlencode($db_user); ?>;
......
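Review bot: The same two lines are pasted into five `location` blocks in this file (the hunks at -282, -745, -944, -1020 and -1165), so the mitigation holds only as long as every later block with its own `fastcgi_param` copies them too. Each of these blocks already starts with `include fastcgi_params;`. If that included file is shipped by this project, putting `fastcgi_param HTTP_PROXY "";` there would cover all five blocks and any block added later, in one place. Whether other FastCGI locations exist between these hunks is not visible here, so the full template should be searched for `fastcgi_pass` blocks that lack the line. If the per-block copies stay, the comment should say what is being done, e.g. `# Drop the client-supplied Proxy header so PHP never sees HTTP_PROXY (https://httpoxy.org/).`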
......@@ -24,6 +24,10 @@ if ($this->redirection) {
server {
include fastcgi_params;
# Block https://httpoxy.org/ attacks.
fastcgi_param HTTP_PROXY "";
fastcgi_param MAIN_SITE_NAME <?php print $this->uri; ?>;
set $main_site_name "<?php print $this->uri; ?>";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
......