添加多个 nginx 位置

Question 1

听起来你正在创建 3 个不同的server指令，但这是没有必要的。

您可以使用根指令内部地点覆盖匹配路径的根目录的指令。

这是一个最简单的例子，说明了我的意思：

server {
  listen 80 default_server;
  server_name www.example.com;
  root /var/www/public_root;

  location / {
  }

  location /test1 {
    root /var/www/public_test1;
  }

  location /test2 {
    root /var/www/public_test2;
  }
}

这不是一个完整的配置。

Answer

听起来你正在创建 3 个不同的server指令，但这是没有必要的。

您可以使用根指令内部地点覆盖匹配路径的根目录的指令。

这是一个最简单的例子，说明了我的意思：

server {
  listen 80 default_server;
  server_name www.example.com;
  root /var/www/public_root;

  location / {
  }

  location /test1 {
    root /var/www/public_test1;
  }

  location /test2 {
    root /var/www/public_test2;
  }
}

这不是一个完整的配置。

Question 2

这是我的解决方案，它有效。

server {

    listen   80; ## listen for ipv4; 
    listen   [::]:80 default_server ipv6only=on;

    server_name <my_server>;

    # The location of our projects public directory.
    root            /var/www/public;
    index           index.php;

    location / {
        try_files   $uri $uri/ /index.php?$query_string;

        location ~ \.php$ {
            try_files                   $uri                    =404;
            fastcgi_split_path_info     ^(.+\.php)(/.+)$;
            fastcgi_pass                unix:/run/php/php7.3-fpm.sock;
            fastcgi_index               index.php;
            fastcgi_param               SCRIPT_FILENAME         $document_root$fastcgi_script_name;
            include                     fastcgi_params;
        }
    }

    location /public_test1 {

        location ~ /public_test1/(.+\.php)$ {
            fastcgi_param               PHP_VALUE "display_errors=Off";
            fastcgi_split_path_info     ^(.+\.php)(.*)$;
            include                     fastcgi.conf;
            fastcgi_send_timeout        600;
            fastcgi_pass                unix:/var/run/php/php7.3-fpm.sock;
            include                     snippets/fastcgi-php.conf;
            fastcgi_param               SCRIPT_FILENAME /usr/share/public_test1/$1;
            #fastcgi_index              index.php;
        }   

        # Deny some static files
        location ~ ^/public_test1/(README|LICENSE|ChangeLog|DCO)$ {
                deny all;
        }

        # Deny .md files
        location ~ ^/public_test1/(.+\.md)$ {
                deny all;
        }

        # Deny some directories
        location ~ ^/public_test1/(doc|sql|setup)/ {
                deny all;
        }

        # Begin - Security
        # denyall direct access for these folders
        location ~* /(.git|cache|bin|logs|backups|tests)/.*$ { return 403; }
        # deny running scripts inside core system folders
        location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
        # deny running scripts inside user folder
        location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
        # deny access to specific files in the root folder
        location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
        ## End - Security
        #

    }

    # We don't need .ht files with nginx.
    location ~ /\.ht {
            deny all;
    }

    # Hide dot files/folders
    location ~ .*/\. {
            return 403;
    }

    # optimize static file serving
    location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml|JPG|svg|woff)$ {
            access_log off;
            log_not_found off;
            expires 30d;
    }

    # Begin - Security
    # denyall direct access for these folders
    location ~* /(.git|cache|bin|logs|backups|tests)/.*$ { return 403; }
    # deny running scripts inside core system folders
    location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny running scripts inside user folder
    location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny access to specific files in the root folder
    location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
    ## End - Security
    #
}

Answer

这是我的解决方案，它有效。

server {

    listen   80; ## listen for ipv4; 
    listen   [::]:80 default_server ipv6only=on;

    server_name <my_server>;

    # The location of our projects public directory.
    root            /var/www/public;
    index           index.php;

    location / {
        try_files   $uri $uri/ /index.php?$query_string;

        location ~ \.php$ {
            try_files                   $uri                    =404;
            fastcgi_split_path_info     ^(.+\.php)(/.+)$;
            fastcgi_pass                unix:/run/php/php7.3-fpm.sock;
            fastcgi_index               index.php;
            fastcgi_param               SCRIPT_FILENAME         $document_root$fastcgi_script_name;
            include                     fastcgi_params;
        }
    }

    location /public_test1 {

        location ~ /public_test1/(.+\.php)$ {
            fastcgi_param               PHP_VALUE "display_errors=Off";
            fastcgi_split_path_info     ^(.+\.php)(.*)$;
            include                     fastcgi.conf;
            fastcgi_send_timeout        600;
            fastcgi_pass                unix:/var/run/php/php7.3-fpm.sock;
            include                     snippets/fastcgi-php.conf;
            fastcgi_param               SCRIPT_FILENAME /usr/share/public_test1/$1;
            #fastcgi_index              index.php;
        }   

        # Deny some static files
        location ~ ^/public_test1/(README|LICENSE|ChangeLog|DCO)$ {
                deny all;
        }

        # Deny .md files
        location ~ ^/public_test1/(.+\.md)$ {
                deny all;
        }

        # Deny some directories
        location ~ ^/public_test1/(doc|sql|setup)/ {
                deny all;
        }

        # Begin - Security
        # denyall direct access for these folders
        location ~* /(.git|cache|bin|logs|backups|tests)/.*$ { return 403; }
        # deny running scripts inside core system folders
        location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
        # deny running scripts inside user folder
        location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
        # deny access to specific files in the root folder
        location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
        ## End - Security
        #

    }

    # We don't need .ht files with nginx.
    location ~ /\.ht {
            deny all;
    }

    # Hide dot files/folders
    location ~ .*/\. {
            return 403;
    }

    # optimize static file serving
    location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml|JPG|svg|woff)$ {
            access_log off;
            log_not_found off;
            expires 30d;
    }

    # Begin - Security
    # denyall direct access for these folders
    location ~* /(.git|cache|bin|logs|backups|tests)/.*$ { return 403; }
    # deny running scripts inside core system folders
    location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny running scripts inside user folder
    location ~* /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
    # deny access to specific files in the root folder
    location ~ /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess) { return 403; }
    ## End - Security
    #
}

添加多个 nginx 位置

答案1

答案2

相关内容