From 0a4435b8d57f7bdd5e3b0720cfa96e45e1a23f94 Mon Sep 17 00:00:00 2001
From: A Holt <holta@users.noreply.github.com>
Date: Fri, 30 Jul 2021 10:16:03 -0400
Subject: [PATCH] nginx/templates/server.conf.j2: Comment out /cgi-bin access
 to /usr/lib

---
 roles/nginx/templates/server.conf.j2 | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/roles/nginx/templates/server.conf.j2 b/roles/nginx/templates/server.conf.j2
index 0272a27f8..37aeca372 100644
--- a/roles/nginx/templates/server.conf.j2
+++ b/roles/nginx/templates/server.conf.j2
@@ -20,9 +20,10 @@ server {
         include fastcgi_params;
     }
 
-    location /cgi-bin {
-        root /usr/lib;
-    }
+    # 2021-07-30: Security risk identified by @tim-moody
+    #location /cgi-bin {
+    #    root /usr/lib;
+    #}
 
     # if you don't like seeing all the errors for missing favicon.ico in root
     location = /favicon.ico { access_log off; log_not_found off; }