perusio
commented
10 years ago I've just addressed that issue here: https://groups.drupal.org/node/377458.
The config is not vulnerable to uncontrolled PHP execution.
Closed pedrosanchezpernia closed 10 years ago
perusio
commented
10 years ago I've just addressed that issue here: https://groups.drupal.org/node/377458.
The config is not vulnerable to uncontrolled PHP execution.
pedrosanchezpernia
commented
10 years ago Great! Thanks.
There is a security release today for Drupal core 7.24 that include a new configuration for .htaccess file. The related post https://drupal.org/SA-CORE-2013-003 says that : "Please note that if you are using a different web server such as Nginx the .htaccess files have no effect and you need to configure PHP execution protection yourself in the respective server configuration files."
There are detailed instructions for apache and a htaccess example file. But as a newbie with nginx, I wonder how to deal with that more precisely.