How to fix Httpoxy a CGI PHP/Nginx/Apache/Go application vulnerability on Linux or Unix

Posted on in Categories , , , , , , , last updated July 18, 2016

A serious vulnerability was discovered in how CGI scripts are used by Linux or Unix that use PHP, Go, Python, and other scripting languages. How do I fix Httpoxy a CGI application vulnerability on Linux or Unix for HAProxy, Varnish, Nginx, PHP, Go, Python, Tomcat and others?

Nginx: 413 Request Entity Too Large Error and Solution

Posted on in Categories , , last updated February 18, 2014

I‘m running nginx as a frond end to php based Apache+mod_fastcgi server. My app lets user upload images upto 2MB in size. When users trying to upload 1.5MB+ size image file using nginx reverse proxy, they are getting the following error on screen:

Nginx 413 Request Entity Too Large

How do I fix this problem and allow image upload upto 2MB in size using nginx web-server working in reverse proxy or stand-alone mode on Unix like operating systems?

FreeBSD Lighttpd fastcgi php configuration and installation

Posted on in Categories , last updated June 30, 2007

Q. How do I install and configure php under Lighttpd web server. I’m using

=> FreeBSD 6.2

=> Lighttpd 1.5

=> FastCGI PHP 5.2

How do I configure php under Lighttpd?

A. PHP generally runs on a web server like lighttpd taking PHP code as its input and creating Web pages as output. FastCGI is a protocol for interfacing interactive programs with a web server. Lighttpd has mod_fastcgi to run php application.

Assuming that you have php installed (see these instructions on installing Lighttpd+MySQL+php5 under FreeBSD), open lighttpd.conf file:
# vi /usr/local/etc/lighttpd.conf
Make sure FASTCGI module is enabled:
server.modules += ( "mod_fastcgi" )

Now append following code

fastcgi.server = ( ".php" =>
( "localhost" =>
                     (
                        "socket" => "/tmp/php-fastcgi.socket",
                        "bin-path" => "/usr/local/bin/php-cgi"
                      )
                   )
)

Save and close the file. Restart lighttpd:
# /usr/local/etc/rc.d/lighttpd restart