diff options
author | Yorhel <git@yorhel.nl> | 2020-12-13 21:30:54 +0100 |
---|---|---|
committer | Yorhel <git@yorhel.nl> | 2020-12-13 21:30:54 +0100 |
commit | f53184496fc369c0c3ec99432c9b7b79434b0621 (patch) | |
tree | 3da006e1446fffa8a021ac1e42dad40f2bc1bf7f /nginx-confgen.pod | |
parent | 8ce4dd84f8914823536e75cf3adcecdb1c615b77 (diff) |
Minor doc fixes
Diffstat (limited to 'nginx-confgen.pod')
-rw-r--r-- | nginx-confgen.pod | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/nginx-confgen.pod b/nginx-confgen.pod index 735a4cc..356b6dd 100644 --- a/nginx-confgen.pod +++ b/nginx-confgen.pod @@ -23,8 +23,8 @@ transformations and generate incorrect configuration files. Comments in the input file will not be present in the output. See also the L</BUGS & WARTS> below. -B<WARNING:> Do NOT use nginx-confgen with untrusted input, the C<pre_exec> -directive allows, by design, arbitrary code execution. +B<SECURITY CONSIDERATION:> Do NOT use nginx-confgen with untrusted input, the +C<pre_exec> directive allows arbitrary code execution by design. =head1 OPTIONS @@ -91,12 +91,12 @@ variables are assumed to be run-time variables for nginx and will be left alone without warning. For example: pre_set $ip 127.0.0.1; - deny $ip; # This will output as: block 127.0.0.1; - deny $otherip; # This will output as: block $otherip; + deny $ip; # This will output as: deny 127.0.0.1; + deny $otherip; # This will output as: deny $otherip; =head2 pre_exec -Run a shell command, and store the output in a variable. For example, nginx +Run a shell command and store the output in a variable. For example, nginx will not use your system's DNS resolution methods to resolve domain names. Instead you need to manually set a C<resolver> address. With the following hack you can fetch the nameserver from C</etc/resolv.conf> and use that as the |