IP允许子目录访问NGINX [英] IP allow subdirectory access NGINX

问题描述

我实际上使用 nginx 作为我的网络服务器，我试图使用此拒绝所有子目录访问:

im actually using nginx as my webserver im trying to deny all a subdirectory access using this:

location / {
    root   /usr/share/nginx/html/project;
    index  index.html index.htm index.php;
}



location ~ ^/subdir/ { 
    allow 192.168.1.0/24; 
    deny all; 
    try_files $uri $uri/ /index_subdir.php?$query_string;
}

但是nginx尝试在项目文件夹中找出index_subdir.php.

but nginx try to find out index_subdir.php inside project folder.

希望你能帮我一把.

亲切的问候！！！

推荐答案

您可能需要进行一些更改:

You probably need to make several changes:

server {
    root   /usr/share/nginx/html/project;
    index  index.html index.htm index.php;

    location / {
    }
    location ~ \.php$ {
        ...
    }

    location ^~ /subdir { 
        allow 192.168.1.0/24; 
        deny all; 

        try_files $uri $uri/ /subdir/index_subdir.php?$query_string;

        location ~ \.php$ {
            ...
        }
    }
}

通常，root 和 index 指令放置在 server 块级别，以便所有 location 块继承相同的值.有关详细信息，请参阅本文档.

Generally, root and index directives are placed at the server block level so that all location blocks inherit the same value. See this document for details.

我假设您有一个 location ~ \.php$ 块，它当前执行您的所有 PHP 脚本.

I assume that you have a location ~ \.php$ block that currently executes all of your PHP scripts.

我的示例使用带有 ^~ 修饰符的前缀位置，而不是正则表达式位置.无论在 server 块中的位置如何，修饰符都使其优先.有关详细信息，请参阅本文档.

My example uses a prefix location with the ^~ modifier, rather than a regular expression location. The modifier makes it take precedence irrespective of position within the server block. See this document for details.

try_files 指令的最后一个元素是一个 URI，这意味着它必须包含 /subdir 前缀，如果您特别想要该文件夹中的文件.有关详细信息，请参阅本文档.

The final element of the try_files directive is a URI, which means it must include the /subdir prefix, if you specifically want the file within that folder. See this document for details.

您需要在 location ^~/subdir 块中复制另一个 location ~ \.php$，以便 PHP 脚本受到相同访问规则的保护.

You need to replicate another location ~ \.php$ within the location ^~ /subdir block so that the PHP scripts are protected by the same access rules.

这篇关于IP允许子目录访问NGINX的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！