RoE | Wiki

User Tools

Site Tools

Trace: osu oneplus_6_enchilada 10_ltsc_server status_page trinitycore_master_localhost 10 devilutionx misc services freenginx_php_php-cgi
servers:windows:freenginx_php_php-cgi

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
servers:windows:freenginx_php_php-cgi [2026/03/11 13:28] – [Information] Sean Rhoneservers:windows:freenginx_php_php-cgi [2026/03/25 08:59] (current) – [PHP-CGI] Really NTS :p (Thread Safe works though) Sean Rhone
Line 12: Line 12:
 ====== Install ====== ====== Install ======
  
-===== nginx =====+===== freenginx =====
  
   * https://freenginx.org/en/download.html ([[https://freenginx.org/en/CHANGES|CHANGES]])   * https://freenginx.org/en/download.html ([[https://freenginx.org/en/CHANGES|CHANGES]])
Line 23: Line 23:
 ===== PHP-CGI ===== ===== PHP-CGI =====
  
-  * https://windows.php.net/download/ +  * https://www.php.net/downloads.php 
-  * https://windows.php.net/qa/+  * https://www.php.net/pre-release-builds.php
   * x64 Non Thread Safe   * x64 Non Thread Safe
-  * Last tested: ''php-8.5.1-nts-Win32-vs17-x64.zip''+  * Last tested: ''php-8.5.5RC1-nts-Win32-vs17-x64.zip''
  
   * Extract to root system drive for ''C:\php-*\php-cgi.exe''   * Extract to root system drive for ''C:\php-*\php-cgi.exe''
Line 35: Line 35:
   "%SystemRoot%\System32\SystemPropertiesAdvanced.exe"   "%SystemRoot%\System32\SystemPropertiesAdvanced.exe"
  
-  C:\php-8.5.1-nts-Win32-vs17-x64+  C:\php-8.5.5RC1-nts-Win32-vs17-x64
  
 ====== Firewall ====== ====== Firewall ======
Line 51: Line 51:
 ====== Check Defaults ====== ====== Check Defaults ======
  
-==== nginx ====+==== freenginx ====
  
 **** ****
Line 63: Line 63:
   CD "%SystemDrive%\php-"*"-nts-Win32-"*"-x64\" && "%SystemRoot%\System32\notepad.exe" "php.ini-development"   CD "%SystemDrive%\php-"*"-nts-Win32-"*"-x64\" && "%SystemRoot%\System32\notepad.exe" "php.ini-development"
  
-====== nginx Settings ======+====== freenginx Settings ======
  
 ===== confs ===== ===== confs =====
Line 271: Line 271:
   "%SystemRoot%\System32\schtasks.exe" /Create /SC "ONLOGON" /TN "nginx" /TR "%SystemDrive%\www\scripts\nginx\Start.bat" /F   "%SystemRoot%\System32\schtasks.exe" /Create /SC "ONLOGON" /TN "nginx" /TR "%SystemDrive%\www\scripts\nginx\Start.bat" /F
  
-===== Resources =====+====== Resources ======
  
   * https://nginx.org/en/docs/windows.html   * https://nginx.org/en/docs/windows.html
Line 279: Line 279:
   * https://www.php.net/manual/en/image.installation.php   * https://www.php.net/manual/en/image.installation.php
   * [[https://www.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test]]   * [[https://www.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test]]
 +
 +====== TODO ======
 +
 +===== Exploit Protection =====
 +
 +  * https://learn.microsoft.com/en-us/defender-endpoint/exploit-protection-reference
 +
 +==== nginx ====
 +
 +  nginx.exe
 +
 +  * Arbitrary code guard (ACG): On
 +    * ''[ ]'' Allow thread opt-out
 +  * Block low integrity images: On
 +  * Block remote images: On
 +  * Block untrusted fonts: On
 +  * Control integrity guard: On
 +    * ''[ ]'' Also allow loading of images signed by Microsoft Store
 +  * Control flow guard (CFG): On
 +    * :!: ''[ ]'' Use strict CFG
 +  * Data Execution Prevention (DEP): On
 +    * ''[ ]'' Enable ATL thunk emulation
 +  * Disable extension points: On
 +  * :!: Disable Win32k system calls: Off
 +  * :!: Do not allow child processes: Off
 +  * Export address filtering (EAF): On
 +    * ''[x]'' Validate access for modules that are commonly abused by exploits.
 +  * Force randomization for images (Mandatory ASLR): On
 +    * ''[x]'' Do not allow stripped images
 +  * Hardware-enforced Stack Protection: On
 +    * ''[x]'' Enforce for all modules instead of only compatible modules
 +  * Import address filtering (IAF): On
 +  * Randomize memory allocations (Bottom-up ASLR): On
 +    * ''[ ]'' Don't use high entropy
 +  * Simulate execution (SimExec): On
 +  * Validate API invocation (CallerCheck): On
 +  * Validate exception chains (SEHOP): On
 +  * Validate handle usage: On
 +  * Validate heap integrity: On
 +  * Validate image dependency integrity: On
 +  * Validate stack integrity (StackPivot): On
 +
 +==== PHP-CGI ====
 +
 +  php-cgi.exe
 +
 +  * :!: Arbitrary code guard (ACG): Off
 +  * Block low integrity images: On
 +  * Block remote images: On
 +  * Block untrusted fonts: On
 +  * :!: Control integrity guard: Off
 +  * Control flow guard (CFG): On
 +    * :!: ''[ ]'' Use strict CFG
 +  * Data Execution Prevention (DEP): On
 +    * ''[ ]'' Enable ATL thunk emulation
 +  * Disable extension points: On
 +  * :!: Disable Win32k system calls: Off
 +  * :!: Do not allow child processes: Off
 +  * Export address filtering (EAF): On
 +    * ''[x]'' Validate access for modules that are commonly abused by exploits.
 +  * Force randomization for images (Mandatory ASLR): On
 +    * ''[x]'' Do not allow stripped images
 +  * Hardware-enforced Stack Protection: On
 +    * ''[x]'' Enforce for all modules instead of only compatible modules
 +  * Import address filtering (IAF): On
 +  * Randomize memory allocations (Bottom-up ASLR): On
 +    * ''[ ]'' Don't use high entropy
 +  * Simulate execution (SimExec): On
 +  * Validate API invocation (CallerCheck): On
 +  * Validate exception chains (SEHOP): On
 +  * Validate handle usage: On
 +  * Validate heap integrity: On
 +  * Validate image dependency integrity: On
 +  * Validate stack integrity (StackPivot): On
 +
  
/var/www/wiki/data/attic/servers/windows/freenginx_php_php-cgi.1773250134.txt.gz · Last modified: by Sean Rhone
Except where otherwise noted, content on this wiki is licensed under the following license: CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki