On February 22, 2012 11:48 , Jan Engelhardt <jengelh@xxxxxxxxxx> wrote:
On Wednesday 2012-02-22 17:38, Jan Engelhardt wrote:RewriteEngine On RewriteRule \.php$ proxy:fcgi://localhost:8002/%{DOCUMENT_ROOT}/%{SCRIPT_FILENAME} I share the dismay you might be expressing at seeing that. Is there a nicer way to configure accessing FPM through FastCGI?No, what I've been using is very similar: RewriteRule ^/?(.*\.php)$ fcgi://127.0.0.1:9003/www/wp3/wordpress/$1 [P,L]Could $1 possibly contain ../../secret.php, or does Apache already filter such hacks appropriately?NB: When using fcgi://etc. or proxy:fcgi://etc. as substitution URL together with [P], the debug log of an apache 2.2 (with mod_proxy_fcgi backported) shows that the construction is flawed. Maybe this has been corrected by the 2.3/2.4 series?
I've been using the 2.3 series, and am about to upgrade to 2.4. Nothing I have said is intended for the 2.2 series, apologies for not making that clear in my original response to this and the other PHP-FPM thread. I sort of assumed that the two PHP-FPM threads were occasioned by people trying out 2.4.1, this was a bad assumption on my part.
-- Mark Montague mark@xxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|