Hi, I did read all topics about this matter here on HowtoForge already, and I'm convinced it's a security issue. But I'm helping a friend configuring ISPConfig on his server and he does have many resellers, and we are trying to figure out how to give our resellers some permission to insert NginX directives on their vHosts. Is that possible to have a plugin or a script to do this? I mean with limited conditions, not affecting the entire server. Thanks any help
a nginx directive is always entered into the nginx configuration, so it will potentially affect all sites on the server. what you can do is that you write a parser for the nginx config so that you can verify that the entered nginx code is not harmful.
Hi @till, Thanks for your time. So the best option is to write a script and some kind of reseller interaction with NginX directives. I will try to find in this forum how to do that, any guidance would be very appreciated. Regards
You can modify the ispconfig source to show the options tab, and then you will have to add ode to limit its input to only valid and harmless directives. E.g. a single path that points outside of the web root can be enough to harm other users and also many directives can affect other sites, so you have to be really careful.
