From ccad5d7629acec38bcc36a8ea6e6cfe8ef4f1f02 Mon Sep 17 00:00:00 2001
From: Olivier DOSSMANN <olivier+git@dossmann.net>
Date: Mon, 14 Nov 2016 11:58:26 +0100
Subject: fix #2582 - Nginx config: disable all other PHP file from symphony

Regarding
https://www.nginx.com/resources/wiki/start/topics/recipes/symfony/ we
need to limit access to config.php and make_dev.php files from Nginx.
That's why we return 404 error page for these files.
---
 docs/fr/user/installation.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs/fr/user')

diff --git a/docs/fr/user/installation.rst b/docs/fr/user/installation.rst
index 4f94d6c8..f6afcda6 100644
--- a/docs/fr/user/installation.rst
+++ b/docs/fr/user/installation.rst
@@ -183,6 +183,12 @@ En imaginant que vous vouliez installer wallabag dans le dossier ``/var/www/wall
             internal;
         }
 
+        # return 404 for all other php files not matching the front controller
+        # this prevents access to other php files you don't want to be accessible.
+        location ~ \.php$ {
+            return 404;
+        }
+
         error_log /var/log/nginx/wallabag_error.log;
         access_log /var/log/nginx/wallabag_access.log;
     }
-- 
cgit v1.2.3