Nginx
kudah, 2018-04-11 22:44:11

Redirect from a trailing slash to no slash, redirect from index.html to the URL without it, parameter processing, etc. in nginx?

Good afternoon!
When checking the site on one service, I received the following critical errors:
URL vulnerability: Redirecting the slash at the end of the URL is not configured
URL vulnerability: Arbitrary parameters are processed incorrectly
URL vulnerability: Duplicate hyphens are processed incorrectly
URL vulnerability: Parameter switching is performed incorrectly
A redirect from site.ru/index.html to site.ru is also required. The site.ru/index.php redirect works.
Please help me set up the server correctly.
Here is the config file:

server {
  server_name site.ru www.site.ru;
  listen 1.1.1.1:80;
  return 301 https://site.ru$request_uri;
}

server {
  server_name www.site.ru;
  listen 1.1.1.1:443 ssl;
  return 301 https://site.ru$request_uri;
  ssl_certificate "/var/www/httpd-cert/agshop/agshop SSL.crtca";
  ssl_certificate_key "/var/www/httpd-cert/agshop/agshop SSL.key";
}

server {
  server_name site.ru;
  ssl on;
  ssl_certificate "/var/www/httpd-cert/agshop/agshop SSL.crtca";
  ssl_certificate_key "/var/www/httpd-cert/agshop/agshop SSL.key";
  ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  add_header Strict-Transport-Security "max-age=129600;";
  ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
  charset off;
  index index.html index.php;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/site.ru/*.conf;
  access_log /var/www/httpd-logs/site.ru.access.log;
  error_log /var/www/httpd-logs/site.ru.error.log notice;
  ssi on;
  set $root_path /var/www/agshop/data/www/site.ru;
  root $root_path;
  listen 1.1.1.1:443 ssl http2;
  gzip on;
  gzip_comp_level 6;
  gzip_disable "msie6";
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
  expires 30d;
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @php;
    }
    try_files $uri $uri/ /index.php$is_args$args;
  }
  location @php {
    fastcgi_index index.php;
    fastcgi_param PHP_ADMIN_VALUE "sendmail_path = /usr/sbin/sendmail -t -i -f admin@site.ru";
    fastcgi_pass unix:/var/www/php-fpm/agshop.sock;
    fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)$;
    try_files $uri =404;
    include fastcgi_params;
  }
}

Update 1: Gentlemen, can no one suggest anything, or is the question completely stupid?
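
One way to do the /index.html redirect asked about above, as an added example that is not part of the original post. It assumes the snippet is placed inside the `server_name site.ru;` block, before `location /`, and it covers only the index.html case, not the trailing-slash or parameter checks.

```nginx
# Added example: /index.html -> / and /any/dir/index.html -> /any/dir/
#
# Match on $request_uri (the request line exactly as the client sent it),
# not on $uri. The `index index.html index.php;` directive serves "/" by
# an internal redirect to /index.html, which changes $uri; a rule keyed
# on $uri would see that internal redirect and loop. $request_uri never
# changes during the request.
#
# $1 = path up to and including the last "/", $2 = optional "?query".
if ($request_uri ~ "^([^?]*/)index\.html(\?.*)?$") {
    # Both captures come from $request_uri, so they are still
    # percent-encoded. Do not build the Location header from $uri:
    # it is URL-decoded, so an encoded CR/LF in the request path
    # would be written into the response headers.
    return 301 $1$2;
}
```

Because the target starts with "/", nginx completes it with the request scheme and host, so https://site.ru/index.html?a=1 is answered with a 301 to https://site.ru/?a=1.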
