From 5ff9d92830f271820862a20bb921230393d783a8 Mon Sep 17 00:00:00 2001
From: okpierre <1679025+okpierre@users.noreply.github.com>
Date: Sat, 26 Oct 2019 01:04:28 -0400
Subject: [PATCH] Update nginx.conf

Updated to include code to prevent remote code execution on certain nginx/php-fpm configurations
---
 contrib/nginx.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/contrib/nginx.conf b/contrib/nginx.conf
index d668ce090..ecb90e15f 100644
--- a/contrib/nginx.conf
+++ b/contrib/nginx.conf
@@ -30,6 +30,7 @@ server {
 
     location ~ \.php$ {
         fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        try_files $fastcgi_script_name =404;
         fastcgi_pass unix:/run/php-fpm/php-fpm.sock; # make sure this is correct
         fastcgi_index index.php;
         include fastcgi_params;