|
|
|
|
|
|
by labawi
2427 days ago
|
|
|
I haven't studied the issue, but it requires to access/execute php, no? If configuration requires a path to get further than a canned reply from nginx (403, 404, static page..), then it should reduce attack surface a lot. You should not be able to get anywhere near php without the path. |
|
|