Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Not all actions work as expected because of missing location, which should send all request with URI ^/admin/.*/backup_migrate/.*\.mysql
to php-fpm before the next location which denies sql
in the URI for security reasons.
Comments
Comment #1
omega8cc CreditAttribution: omega8cc commentedThis commit fixes the issue: http://drupalcode.org/sandbox/omega8cc/1111100.git/commit/51d51f0
Comment #2
anarcat CreditAttribution: anarcat commentedIsn't a permission deny exactly what we want here? We don't want the webserver to access those files... no?
Comment #3
omega8cc CreditAttribution: omega8cc commentedNo, we don't want the access deny here. It is the opposite - we need to *open* the access here for URI starting with
/admin
so the next location will not deny URI with.mysql
at the end. It is not a direct access to the file, as it goes via/admin
.Marking as RTBC because it was already tested before submitting here.
Comment #4
anarcat CreditAttribution: anarcat commentedUnderstood, merged in 1.x and 2.x.