douping5226
douping5226
2015-06-29 21:23
浏览 306
已采纳

Nginx阻止根目录

I have nginx. There is a site in it, the root of the site is /root/SITE In this SITE directory i have some .php files, and few directories. How can i deny the access ONLY to the .php files in the /root/SITE directory (i mean that in those few directories that are in /root/SITE .php files shouldn't be blocked)

图片转代码服务由CSDN问答提供 功能建议

我有nginx。 其中有一个站点,站点的根目录是/ root / SITE 在这个SITE目录中我有一些.php文件和几个目录。 我如何拒绝只访问/ root / SITE目录中的.php文件(我的意思是在/ root / SITE .php文件中的那几个目录中不应该被阻止) < / DIV>

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • doxn43207
    doxn43207 2015-06-29 22:51
    已采纳

    So you're asking that for this server block in your Nginx configuration, only PHP files should be allowed, everything else would get a 404? There's lots of ways to do this (and it would be better to ask in a more Nginx-specific place) - here's just one way:

    server {
        listen 1.2.3.4:80;
        server_name example.com;
        root /root/SITE;
        location ~ \.php$ {
            include fastcgi.conf;
        }
        location ~ .* {
            return 404;
        }
    }
    

    Note that using this method, the order of the location blocks is important, since first regex location wins. Also, you can use the case-insensitive location regex operator ~* if you need to support .PHP files for some reason.

    Keep in mind this means that image files and CSS files and anything else will be denied. You'll only be able to serve images and stylesheets if you push them through (or create them in) PHP. This also will not allow you to access index.php by browsing to the root of the site with no trailing filename.

    I suggest that you may have needs that can be satisfied in a different, better way. You should more fully explain what you are trying to do. What kind of security are you trying to create for your application?

    点赞 评论

相关推荐