dawei
location /_private {
deny all;
}
location ~ \.php${
# Workaround PHP vulnerability:
# http://forum.nginx.org/read.php?2,88845,page=3
try_files $uri =404;
include /etc/nginx/fastcgi_params;
keepalive_timeout 0;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/tmp/php.socket;
}
我想拒绝访问_private目录中的所有内容.
当我尝试访问_private / a时,我得到403错误,就像应该这样.但是当我尝试访问_private / b.php时,拒绝所有部分完全被忽略.
最佳答案
使您的/ _private位置优先于正则表达式匹配:
location ^~ /_private {
而已.
nginx documentation具有关于哪个位置块将应用于给定请求的良好信息.报价:
- Directives with the “=” prefix that match the query exactly. If found,searching stops.
- All remaining directives with conventional strings. If this match used the “^~” prefix,searching stops.
- Regular expressions,in the order they are defined in the configuration file.
- If #3 yielded a match,that result is used. Otherwise,the match from #2 is used.
