I have nginx. There is a site in it, the root of the site is /root/SITE In this SITE directory i have some .php files, and few directories. How can i deny the access ONLY to the .php files in the /root/SITE directory (i mean that in those few directories that are in /root/SITE .php files shouldn't be blocked)
1条回答 默认 最新
- doxn43207 2015-06-29 22:51关注
So you're asking that for this server block in your Nginx configuration, only PHP files should be allowed, everything else would get a 404? There's lots of ways to do this (and it would be better to ask in a more Nginx-specific place) - here's just one way:
server { listen 1.2.3.4:80; server_name example.com; root /root/SITE; location ~ \.php$ { include fastcgi.conf; } location ~ .* { return 404; } }
Note that using this method, the order of the location blocks is important, since first regex location wins. Also, you can use the case-insensitive location regex operator
~*
if you need to support.PHP
files for some reason.Keep in mind this means that image files and CSS files and anything else will be denied. You'll only be able to serve images and stylesheets if you push them through (or create them in) PHP. This also will not allow you to access index.php by browsing to the root of the site with no trailing filename.
I suggest that you may have needs that can be satisfied in a different, better way. You should more fully explain what you are trying to do. What kind of security are you trying to create for your application?
本回答被题主选为最佳回答 , 对您是否有帮助呢?解决 无用评论 打赏 举报