donglvchu9143 2013-08-29 11:16
浏览 111
已采纳

PHP无法在location指令中工作

I've set up a test Virtualbox/Debian Wheezy7.1 machine with a bare net-install machine + nginx + php-fpm

I've got SSL, php , basic_auth and allow/deny to work on a server level.

However, If i want the auth stuff to be for one path only, the auth works, but the PHP stuff does not (the index.php gets downloaded in the web browser)

I know it has something to do with how nginx matches location directives, but i'm not sure what it is...

Here is my config file:

server {
       listen         80;
       server_name    www.test.com;
       rewrite        ^ https://$server_name$request_uri? permanent;
}



# HTTPS server

server
{
    listen 443;
    server_name www.test.com;

    root /srv/vhosts/www.test.com/html;
    index index.php ;

    ssl on;
    ssl_certificate /etc/nginx/certs/STAR.test.com.crt;
    ssl_certificate_key /etc/nginx/certs/STAR.test.com.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;


    location / {
        try_files $uri $uri/ =404;
    }
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini

                # With php5-fpm:
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        location ~ /\.ht {
                deny all;
        }   

    location ^~ /testdir/ {
        auth_basic "gib login";
        auth_basic_user_file /etc/nginx/htpasswd/www.test.com.htpasswd;
        allow 192.168.1.3;   # my workstation ip
        deny all;
    }
}

Edit: Look at first comment, thanks!

  • 写回答

1条回答 默认 最新

  • doudilin1225 2013-08-29 21:26
    关注

    According to the nginx documentation, the order of location directives matters.

    To determine which location directive matches a particular query, the literal strings are checked first. Literal strings match the beginning portion of the query - the most specific match will be used. Afterwards, regular expressions are checked in the order defined in the configuration file. The first regular expression to match the query will stop the search. If no regular expression matches are found, the result from the literal string search is used.

    Try organizing your location directives so that the directory you want to protect comes first, followed by PHP, followed by your try__files directive. I did a quick test on my system and structuring the location blocks in the following order allowed testdir to be protected and for index.php to still be executed.

    location ^~ /testdir/ {
    auth_basic "gib login";
    auth_basic_user_file /etc/nginx/htpasswd/www.test.com.htpasswd;
    allow 192.168.1.3;   # my workstation ip
    deny all;
}

location ~ \.php$ {

}

location ~ / {
    try_files $uri $uri/ 404;
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 yalmip+Gurobi
  • ¥20 win10修改放大文本以及缩放与布局后蓝屏无法正常进入桌面
  • ¥15 angular开发过程中,想要读取模型文件,即图1的335行,会报404错误(如图2)。但我的springboot里配置了静态资源文件,如图3。且在该地址下我有模型文件如图4,请问该问题该如何解决呢?
  • ¥15 itunes恢复数据最后一步发生错误
  • ¥15 关于#windows#的问题:2024年5月15日的win11更新后资源管理器没有地址栏了顶部的地址栏和文件搜索都消失了
  • ¥100 H5网页如何调用微信扫一扫功能?
  • ¥15 讲解电路图,付费求解
  • ¥15 有偿请教计算电磁学的问题涉及到空间中时域UTD和FDTD算法结合的
  • ¥15 vite打包后,页面出现h.createElement is not a function,但本地运行正常
  • ¥15 Java,消息推送配置