Nginx安全链接模块不适用于php文件,但适用于静态文件 [英] Nginx secure link module not working with php files but working on static files
问题描述
我正在使用 http://nginx.org/en/docs/http/ngx_http_secure_link_module .html Nginx安全链接模块以保护静态文件下载.对于静态文件,它工作正常.
I am using http://nginx.org/en/docs/http/ngx_http_secure_link_module.html Nginx secure link module to secure the static file downloads. It is working fine for static files.
但是当我尝试用php文件实现它时,它不起作用.基本上我是通过ajax请求来使用它的,例如
But when I tried to implement this with php files, its not working. Basically I am using it through ajax request like
http://www.example.com/dev/serve.php?h=hash&t=timestamp
当我在下面进行检查时,尽管它没有哈希和时间戳:
When I checked below, it was working without any restriction although it doesn't have hash and timestamp:
http://www.example.com/dev/serve.php
对于静态文件,它可以正常工作,即访问任何没有哈希和时间戳的图像时,它返回指定的错误请求响应:
And for static files, it work normally i.e. when accessing any image without hash and timestamp its returning the specified bad request response:
http://www.example.com/dev/image.png
服务器配置:
#
# The default server
#
server {
listen 80;
server_name www.example.com;
location / {
root /box;
index index.php index.html index.htm;
}
error_page 404 /404.html;
location = /404.html {
root /box;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root /box;
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location /dev/ {
root /box;
secure_link $arg_h,$arg_s;
secure_link_md5 "secret$uri$secure_link_expires$remote_addr";
if ($secure_link = "") {
return 403;
}
if ($secure_link = "0") {
return 410;
}
}
}
我的问题:
- 它不适用于php之类的动态文件吗?
- 如果适用,那么如何实施?
推荐答案
一段时间后,我找到了解决方法:
After a while I found the solution:
#
# The default server
#
server {
listen 80;
server_name www.example.com;
location / {
root /box;
index index.php index.html index.htm;
}
error_page 404 /404.html;
location = /404.html {
root /box;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
root /box;
secure_link $arg_h,$arg_s;
secure_link_md5 "secret$uri$secure_link_expires$remote_addr";
if ($secure_link = "") {
return 403;
}
if ($secure_link = "0") {
return 410;
}
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
请注意,该解决方案适用于php文件,只需进行少量修改即可适用于其他文件.
Please note that the solution is for php files, with few modification it will work for other files also.
这篇关于Nginx安全链接模块不适用于php文件,但适用于静态文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!