PHPList

Recipe

server {
            listen 80;
            server_name example.com;

            root /var/www/phplist/public_html/lists;
            index index.php;

            access_log <<log file>>;
            error_log <<log file>>;

            charset utf-8;

            location ~* \.(txt|log|inc)$ {
                allow 127.0.0.1;
                deny all;
            }

            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
              expires max;
              log_not_found off;
           }

            #block phplist config directory
            location /config {
                deny all;
            }

            #per the phplist .htaccess these are the only public allowed php files
            location ~* (index\.php|upload\.php|connector\.php|dl\.php|ut\.php|lt\.php|download\.php)$ {
                   fastcgi_split_path_info ^(.|\.php)(/.+)$;

                   include /etc/nginx/fastcgi_params.conf; #standar fastcgi config file
                   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                   fastcgi_intercept_errors on;
                   fastcgi_pass 127.0.0.1:9000;
            }


            #block all other php file access from public
            location ~ \.php$ {
               deny all;
            }

}