nginx php hack 보안 설정방법
php.ini의 cgi.fix_pathinfo 확인
cat /etc/php5/fpm/php/ini | grep cgi.fix_pathinfo ; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED suppert for CGI. PHP's cgi.fix_pathinfo=1
cgi.fix_pathinfo=1 일경우 cgi.fix_pathinfo=0으로 edit
; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED suppert for CGI. PHP's cgi.fix_pathinfo=0
참조 URL : http://cnedelcu.blogspot.kr/2010/05/nginx-php-via-fastcgi-important.html
http://wiki.nginx.org/Pitfalls#Passing_Uncontrolled_Requests_to_PHP