nginx-排除除两个文件以外的所有文件
我需要允许internet访问我的Nginx 1.6.0 web服务器上的2个文件: [www.example.com/piwik.php][1] [www.example.com/piwik.js][2] 其他一切都需要封锁。要使用的正确位置指令是什么?我有以下信息,它只是部分工作:nginx-排除除两个文件以外的所有文件,nginx,Nginx,我需要允许internet访问我的Nginx 1.6.0 web服务器上的2个文件: [www.example.com/piwik.php][1] [www.example.com/piwik.js][2] 其他一切都需要封锁。要使用的正确位置指令是什么?我有以下信息,它只是部分工作: # allow everyone to access piwik.php location ~ /piwik.php$ { fastcgi_pass unix:/var/run/php5-fpm.so
# allow everyone to access piwik.php
location ~ /piwik.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# allow everyone to access piwik.js
location ~ /piwik.js$ {
root html;
index index.html index.htm;
}
# The below appears to allow index.php to load, but blocks
# files beneath it (e.g. js/file1.js, imgs/pic1.jpg) so the page
# is only half-rendered and I see a bunch of 403's in my NGINX logs.
# People are still able to access the half-loaded index.php webform
# and login!!!
location / {
allow 192.168.1.1
deny all;
root html;
index index.php index.html index.htm;
}
访问日志如下:
1.2.3.4 - - [04/May/2014:20:04:22 -0400] "GET
/libs/jquery/stylesheets/jquery.smartbanner.css?cb=ef21e462d0300ea546811bec0ee6a912
HTTP/1.1" 403 162 "https://example.com/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS
7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201
Safari/9537.53"
1.2.3.4 - - [04/May/2014:20:04:22 -0400] "GET /plugins/Login/stylesheets/login.css?
cb=ef21e462d0300ea546811bec0ee6a912 HTTP/1.1" 403 162 "https://example.com/index.php"
"Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML,
like Gecko) Version/7.0 Mobile/11D201 Safari/9537.53"
1.2.3.4 - - [04/May/2014:20:03:15 -0400] "GET /plugins/Morpheus/images/logo.svg
HTTP/1.1" 403 162 "https://example.com/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS
7_1_1 like Mac OS X) AppleWebKit/537.51.2 (KHTML, like Gecko) Version/7.0 Mobile/11D201
Safari/9537.53"
当用户尝试访问主页index.php时,错误如下所示
你能包含你的error.log吗?我已经添加了我在web access中看到的403消息。这是你的access.log,需要查看error.log中的实际错误消息添加了一些Nginx错误日志中的error.log消息。根据这些错误,它正常工作-192.168.1.1中没有的主机被拒绝…所以你是说,由于这个特定的错误,用户仍然收到index.php的一部分?即使他们对页面进行了完全shift-F5完全重新加载?如果是这样的话,那肯定是个错误。。。
2014/05/06 14:17:51 [error] 6917#0: *385 access forbidden by rule, client: 180.76.X.X, server: example.com, request: "GET /robots.txt HTTP/1.1", host: "example.com"
2014/05/06 15:21:47 [error] 6917#0: *392 access forbidden by rule, client: 66.249.X.X, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2014/05/06 15:38:24 [error] 6917#0: *398 access forbidden by rule, client: 66.249.X.X, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2014/05/06 19:02:45 [error] 6917#0: *412 access forbidden by rule, client: 66.249.X.X, server: example.com, request: "GET / HTTP/1.1", host: "example.com"
2014/05/06 20:06:04 [error] 6917#0: *413 access forbidden by rule, client: 185.4.X.X, server: example.com, request: "GET http://24x7-allrequestsallowed.com/?PHPSESSID=1rmsxtj500143PRTJWQAY%40D%5EJFSX HTTP/1.1", host: "24x7-allrequestsallowed.com"
2014/05/06 20:09:22 [error] 6917#0: *414 access forbidden by rule, client: 66.249.X.X, server: example.com, request: "GET / HTTP/1.1", host: "example.com"