Push NGINX mitigation for CVE-2019-11043.

[ghost]

This PR addresses the CVE-2019-11043 which requires changes to the nginx.conf file in order to mitigate.

More information can be found here: https://nextcloud.com/blog/urgent-security-issue-in-nginx-php-fpm/

Relates to #37

[ReinerNippes]

Sorry. I didn't see your merge request. So I copied the nginx config from the manual page to fix the CVE.

https://docs.nextcloud.com/server/18/admin_manual/installation/nginx.html

Just now I'm getting here a merge conflict about back slash quoting with the old code.

Do you know the correct spelling?

<<<<<<< cve-2019-11043-fix
        location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
=======
        location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
            fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
            set $path_info $fastcgi_path_info;
>>>>>>> master

[ghost]

Sorry. I didn't see your merge request. So I copied the nginx config from the manual page to fix the CVE.

https://docs.nextcloud.com/server/18/admin_manual/installation/nginx.html

Just now I'm getting here a merge conflict about back slash quoting with the old code.

Do you know the correct spelling?

<<<<<<< cve-2019-11043-fix
        location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
            fastcgi_split_path_info ^(.+?\.php)(/.*)$;
=======
        location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
            fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
            set $path_info $fastcgi_path_info;
>>>>>>> master

I just followed the modifications in the link I sent in the PR. I will close this PR as it has now been solved 👍