This article describes the PHP FastCGI parsing vulnerability and how to fix it. For more information, see
Nginx supports PHP parsing in CGI mode by default. The common practice is to set SCRIPT_FILENAME through regular-expression matching in the Nginx configuration file. When a URL such as phpinfo.jpg/1.php is requested, fastcgi_script_name is set to "phpinfo.jpg/1.php", which is then used to construct SCRIPT_FILENAME and passed to php-cgi. Because php-cgi, with cgi.fix_pathinfo enabled, falls back to the nearest existing path prefix when the requested file does not exist, the image file phpinfo.jpg is parsed as a PHP file.
Hazards:
Improper configuration of the WebServer's FastCGI handling may cause other files (static files such as css, js and jpg) to be parsed and executed as PHP scripts. When a user uploads a malicious script (a webshell) disguised as a static file and it is passed to the backend PHP for parsing and execution, attackers can gain the ability to run commands on the server.
Solution:
(Nginx users can choose solution 1 or solution 2; IIS users should use solution 1.)
Solution 1: Modify the php.ini file and set cgi.fix_pathinfo to 0. Restart PHP and Nginx (or IIS).
Solution 2: Add the following code to the Nginx configuration file:
The Code is as follows:
if ($fastcgi_script_name ~ \..*\/.*php) {
    return 403;
}
This rule returns the 403 error code whenever the script name matches a pattern like test.jpg/a.php (a dot, then a slash, then a name ending in php). Restart Nginx after modification.
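To make the mechanism behind both the hazard and the two solutions concrete, the following Python script is an added example (not code from the original article) that emulates two things: how php-cgi chooses which file to execute from SCRIPT_FILENAME depending on cgi.fix_pathinfo, and the regular-expression check that the Nginx rule above applies to $fastcgi_script_name. The document root, the uploaded image and the embedded PHP tag are constructed in a temporary directory purely for the demonstration; no PHP is executed.

```python
import os
import re
import tempfile

# Constructed sandbox document root: it contains only an uploaded "image"
# and no 1.php, mirroring the phpinfo.jpg/1.php request from the article.
DOCROOT = tempfile.mkdtemp()
with open(os.path.join(DOCROOT, "phpinfo.jpg"), "wb") as f:
    f.write(b"\xff\xd8<?php phpinfo(); ?>")  # constructed: JPEG magic bytes plus a PHP tag


def resolve_script(script_filename, fix_pathinfo):
    """Emulate how php-cgi selects the script to run from SCRIPT_FILENAME.

    fix_pathinfo=True  (cgi.fix_pathinfo=1, the default): when the path does not
        exist, strip trailing components until an existing file is found; the
        stripped remainder becomes PATH_INFO. This is what turns an uploaded
        phpinfo.jpg into executed PHP.
    fix_pathinfo=False (cgi.fix_pathinfo=0, solution 1): the path is used as
        given, so a non-existent 1.php is simply "no such script".
    Returns (script_to_execute, path_info), or (None, None) when nothing runs.
    """
    if os.path.isfile(script_filename):
        return script_filename, ""
    if not fix_pathinfo:
        return None, None
    path, path_info = script_filename, ""
    while True:
        head, tail = os.path.split(path)
        if not tail or head == path:      # reached the filesystem root
            return None, None
        path_info = "/" + tail + path_info
        path = head
        if os.path.isfile(path):          # first existing prefix wins
            return path, path_info


# Same pattern as the Nginx rule in solution 2:  \..*\/.*php
# Nginx's "~" operator is an unanchored, case-sensitive PCRE match, so re.search
# with the identical pattern reproduces its decision.
NGINX_DENY_RE = re.compile(r"\..*\/.*php")


def nginx_would_deny(fastcgi_script_name):
    """True if the solution-2 rule would answer 403 for this script name."""
    return NGINX_DENY_RE.search(fastcgi_script_name) is not None


if __name__ == "__main__":
    requested = os.path.join(DOCROOT, "phpinfo.jpg", "1.php")
    print("fix_pathinfo=1 ->", resolve_script(requested, True))    # image is executed
    print("fix_pathinfo=0 ->", resolve_script(requested, False))   # nothing executed
    for name in ("/phpinfo.jpg/1.php", "/index.php"):
        print(name, "-> 403" if nginx_would_deny(name) else "-> pass")
```

Two practical caveats when relying on solution 2: the pattern is broad, so a legitimate script under a directory whose name contains a dot (for example /app.v2/index.php) is also rejected, and the rule only protects requests that reach this Nginx server block. Setting cgi.fix_pathinfo=0 (solution 1) or, on php-fpm, keeping security.limit_extensions restricted to .php closes the hole at the PHP side regardless of the web server configuration.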