You are not logged in.
I have been trying to get a single user server side cookie setup running on arch with nginx and fcgiwrap. But cant seem to sort out the following my stripped down nginx.conf is as follows…
server {
listen 127.0.0.1:8080;
server_name login;
location / {
root /home/nginx/login/;
index index.html;
}
location ~ \.cgi$ {
#root if ommited throws 403 error
#root /home/nginx/login #allows .cgi execution
#root /home/nginx/login/cgi-bin/; #throws 403 error
fastcgi_pass unix:/home/nginx/fcgiwrap.sock;
include fastcgi.conf;
}
} current file setup is…
nginx:nginx rwxr-x--- /home/nginx/login - web server root
fcgi:fcgi rwxr-x--- /home/nginx/login/cgi-bin - restrict executables to this folderWith nginx being in the fcgi group and fcgi being in the nginx group...
I was hoping I could restrict what nginx would pass to fcgiwrap to a none nginx owned sub directory. Or at worst figure out whats actually going on here and the only thing i’ve found through searching is old posts about a fcgiwrap bug that was apparently fixed on debian years ago.
So far the only sort of error log or anything to help with debugging has been
Cannot get script name, are DOCUMENT_ROOT and SCRIPT_NAME (or SCRIPT_FILENAME) set and is the script executable?Output from journalctl -u fcgiwrap.service -f…
Guessing I could just be going about this the wrong way but I’m stumped and could use any help trying to figure this out.
Last edited by spareproject (2014-07-29 14:31:01)
Offline
solved thanks to kolbyjack on freenode #nginx...
Stops cgi from being executed in anything bar the cgi-bin folder in the web root
and throws 404 errors for anything that isnt a .cgi in the cgi-bin
http {
upstream_fcgiwrap { server unix:/home/nginx/fcgiwrap.sock }
server {
listen 127.0.0.1:8080;
server_name login;
root /home/nginx/login/;
index index.html;
location /cgi-bin/ {
return 404;
location ~ \.cgi$ {
fastcgi_pass _fcgiwrap;
include fastcgi.conf;
}
}
}Offline