nginx – 拒绝所有被另一个位置块覆盖

发布时间：2020-12-13 21:10:17 所属栏目：Nginx 来源：网络整理

导读：location /_private { deny all;}location ~ .php${ # Workaround PHP vulnerability: # http://forum.nginx.org/read.php?2,88845,page=3 try_files $uri =404; include /etc/nginx/fastcgi_params; keepalive_timeout 0; fastcgi_param SCRIPT_FILENAME $

location /_private {
    deny    all;
}

location ~ .php${
    # Workaround PHP vulnerability:
    # http://forum.nginx.org/read.php?2,88845,page=3
    try_files   $uri =404;

    include /etc/nginx/fastcgi_params;
    keepalive_timeout 0;

    fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass    unix:/tmp/php.socket;
}

我想拒绝访问_private目录中的所有内容.
当我尝试访问_private / a时,我得到403错误,就像应该这样.但是当我尝试访问_private / b.php时,拒绝所有部分完全被忽略.

最佳答案

使您的/ _private位置优先于正则表达式匹配：

location ^~ /_private {

而已.

nginx documentation具有关于哪个位置块将应用于给定请求的良好信息.报价：

Directives with the “=” prefix that match the query exactly. If found,searching stops.

All remaining directives with conventional strings. If this match used the “^~” prefix,searching stops.

Regular expressions,in the order they are defined in the configuration file.

If #3 yielded a match,that result is used. Otherwise,the match from #2 is used.

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!