Azurel
Silver Pleskian
Why security risk? You can't protect static files with nginx!
I have edit the title. Old title was: Its impossible to use location with file types in "Additional nginx directives"
Plesk Onyx Version 17.0.17 Update #29
in plesk "nginx.conf" is this code for every domain:
When I use in "last_nginx.conf" somthing like this
Main issue here is, that plesk stops all important commands to set deny, expires or add_header and so on for static file types. I think here is a extra directive for static file types necessary, thats include as nested include in location like
So I can for every domain set a custom location directive for this static file types.
Is it possible with a workaround? I need this urgently.
I have edit the title. Old title was: Its impossible to use location with file types in "Additional nginx directives"
Plesk Onyx Version 17.0.17 Update #29
in plesk "nginx.conf" is this code for every domain:
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
location / {
}
location @fallback {
}
// NOTICE: it should be ~* not only ~ (this is a issue in plesk too! ~* means case-insensitive regular expression match)
location ~ ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
try_files $uri @fallback;
}
include "/var/www/vhosts/system/cdn.example.com/conf/vhost_nginx.conf";
}
When I use in "last_nginx.conf" somthing like this
and this is a path to a "jpg" file, this code will be ignored.location ~* /myfolder1/(a|b|c)/ {
deny all;
return 403;
}
Main issue here is, that plesk stops all important commands to set deny, expires or add_header and so on for static file types. I think here is a extra directive for static file types necessary, thats include as nested include in location like
location ~* ^/(.*\.(ac3|avi|bmp|bz2|css|cue|dat|doc|docx|dts|eot|exe|flv|gif|gz|htm|html|ico|img|iso|jpeg|jpg|js|mkv|mp3|mp4|mpeg|mpg|ogg|pdf|png|ppt|pptx|qt|rar|rm|svg|swf|tar|tgz|ttf|txt|wav|woff|woff2|xls|xlsx|zip))$ {
try_files $uri @fallback;
include "/var/www/vhosts/system/cdn.example.com/conf/vhost_nginx_filetypes.conf";
}
So I can for every domain set a custom location directive for this static file types.
Is it possible with a workaround? I need this urgently.
Last edited: