Apache HTTPD
Configuration
Apache configuration
LoadModule access_compat_module lib/httpd/modules/mod_access_compat.so #needed for Allow/Deny
LoadModule rewrite_module modules/mod_rewrite.so #needed for pretty URLs
<VirtualHost *:80>
ServerName localhost
DocumentRoot "/www"
DirectoryIndex index.php
#FPM support (optional), note that this section must be before the deny rules below to ensure only allowed php files are forwarded to PHP
<LocationMatch \.php$>
ProxyPassMatch fcgi://127.0.0.1:9000/www
</LocationMatch>
#Deny access to bash, cache and include (except plugin images, script and style, e.g. include/plugins/plugin/style/*.css)
<LocationMatch (bash|cache|include)/>
Deny from all
</LocationMatch>
<LocationMatch (images|script|style)/.*\.(png|jpg|gif|css|js)>
Allow from all
</LocationMatch>
#Pretty URLs
RewriteEngine on
RewriteCond %[DOCUMENT_ROOT]%[REQUEST_FILENAME] !-d
RewriteCond %[DOCUMENT_ROOT]%[REQUEST_FILENAME] !-f
RewriteCond %[DOCUMENT_ROOT]%[REQUEST_FILENAME] !-l
RewriteRule ^ /index.php
</VirtualHost>
Nginx
Configuration
Nginx configuration
server {listen 80;
server_name localhost;
root /www;
index index.php;
#Pretty URLs
location / {
try_files $uri $uri/ /index.php?$query_string;
}
#Deny access to bash, cache and include (except plugin images, script and style, e.g. include/plugins/plugin/style/*.css)
location ~ (images|script|style)/.*\.(png|jpg|gif|css|js) {
allow all;
}
location ~ (bash|cache|include)/ {
deny all;
}
#FPM support
location ~ \.php$ {
fastcgi_pass localhost:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}