Catching Files over HTTP/S (Nginx)

Create a Directory to Handle Uploaded Files

sudo mkdir -p /var/www/uploads/SecretUploadDirectory

sudo chown -R www-data:www-data /var/www/uploads/SecretUploadDirectory

Create Nginx Configuration File

Create the Nginx configuration file by creating the file /etc/nginx/sites-available/upload.conf with the contents:

server {
    listen 9001;
    
    location /SecretUploadDirectory/ {
        root    /var/www/uploads;
        dav_methods PUT;
    }
}

sudo ln -s /etc/nginx/sites-available/upload.conf /etc/nginx/sites-enabled/

sudo systemctl restart nginx.service

If we get any error messages, check /var/log/nginx/error.log

tail -2 /var/log/nginx/error.log

ss -lnpt | grep <port>

ps -ef | grep <PID>

sudo rm /etc/nginx/sites-enabled/default

curl -T /etc/passwd http://localhost:9001/SecretUploadDirectory/users.txt

Once we have this working, a good test is to ensure the directory listing is not enabled by navigating to http://localhost/SecretUploadDirectory

Last updated 1 year ago