Prevent httpoxy vulnerability in PHP applications

2018-11-29 20:56:28 +01:00
parent 921c43122c
commit 7111fa3a65
1 changed files with 2 additions and 0 deletions
--- a/etc/nginx/fastcgi.conf
+++ b/etc/nginx/fastcgi.conf
@ -24,3 +24,5 @@ fastcgi_param  SERVER_NAME        $server_name;

 # PHP only, required if PHP was built with --enable-force-cgi-redirect
 fastcgi_param  REDIRECT_STATUS    200;
+# https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/
+fastcgi_param HTTP_PROXY "";