[Pkg-nginx-maintainers] Bug#994199: Change `include /etc/nginx/sites-enabled/*; ` to `.../*.conf; `

[Thomas Landauer]

Package: nginx
Severity: normal

These two lines in `/etc/nginx/nginx.conf` are inconsistent (`*.conf` 
vs. `*`):

 > include /etc/nginx/conf.d/*.conf;
 > include /etc/nginx/sites-enabled/*;

Since all exmples for `sites-enabled` are using `*.conf` filenames, I 
was naturally assuming that only those get included.
Including *everything* could in fact be a security risk (e.g. temp files 
created by editors).

So I'm suggesting to do just the same in `sites-enabled` as in `conf.d`, 
and change the second line by default to:

 > include /etc/nginx/sites-enabled/*.conf;

See also https://trac.nginx.org/nginx/ticket/2244 for an actual issue 
that was caused by this.


-- 
Schöne Grüße
Thomas Landauer