We provide guidance on using NGINX to mitigate the recently discovered vulnerability in PHP-FPM (CVE-2019-11043). The vulnerability is triggered when the PATH_INFO variable passed to PHP-FPM with an invalid value, which can happen in a common NGINX configuration.
NGINX Unit 1.2 Available Now
NGINX Unit 1.2, available now, adds environment variables across application languages, versions, and sessions; php.ini configuration; and command-line configuration for Go executables. Parameters can still be defined dynamically, with no disruption to running services or loss of connectivity.
Installing WordPress with NGINX Unit
NGINX Unit supports PHP, which is very widely used for web programming. NGINX Unit therefore supports WordPress, written in PHP, and which is a content management system and application used by more than 30% of the sites on the Web. Use this blog post to install Unit and NGINX together with WordPress.
Maximizing PHP 7 Performance with NGINX, Part 2: Multiple Servers and Load Balancing
Maximize NGINX PHP performance vs. Apache, at the web server level, and NGINX PHP performance by implementing a reverse proxy server.
Maximizing PHP 7 Performance with NGINX, Part 1: Web Serving and Caching
Learn how to optimize your PHP applications by upgrading to PHP 7 and using NGINX for web serving, caching static files, and microcaching dynamic files.
Real-Time Web Applications with WebSocket and NGINX
Learn about using NGINX to build real-time WebSocket applications such as online games, chat applications, stock tracking, sports scores, and more