我在正在开发的 Magento 应用程序上收到 403 和 404 错误,我将问题追溯到 NGINX 配置中的两个块,如果我将它们注释掉,问题就会解决,但我想更好地理解我注释掉的内容。
第 1 期
我在访问以下 URL 时遇到了 403 错误
http://www.example.com/media/wysiwyg/.thumbs/wysiwyg/banner.jpg
我猜这是由于下面的代码块造成的,果然,当我将其注释掉时,它就起作用了!
# Deny all attempts to access hidden files
# such as .htaccess, .htpasswd, etc...
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
现在的问题是我的.gitignore文件现在可以访问了。我该如何更好地重写这个块?这是什么~ /\.意思?
第 2 期
我在访问如下 URL 时遇到了 404 错误:
http://www.example.com/js/gene/braintree/braintree-0.1.js
我发现如果我将此文件的名称更改为,braintree-0.1.min.js我就不会再收到 404 错误,并且当我从 NGINX 中删除下面的块时,它会使用原始名称正常加载,braintree-0.1.js因此它一定与文件名末尾的点有关。
##
# Rewrite for versioned CSS+JS via filemtime
##
location ~* ^.+\.(css|js)$ {
rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
我不太清楚这个块的作用或含义~* ^.+\.(css|js)$ ,我确信我只是从推荐它的某个人的博客上摘下来的。知道它在做什么吗?
下面是我的完整 NGINX 配置文件,提前感谢您提供的任何帮助和建议:)
服务器 { # 监听端口 80 以及端口 443 以进行 SSL 连接。 listen 8080; #listen 443 default ssl;
server_name www.example.com;
# Specify path to your SSL certificates.
#ssl_certificate /etc/nginx/certificates/yourcertificate.crt;
#ssl_certificate_key /etc/nginx/certificates/yourcertificate.key;
# Path to the files in which you wish to
# store your access and error logs.
#access_log /path/to/your/logs/access_log;
#error_log /path/to/your/logs/error_log;
# If the site is accessed via mydomain.com
# automatically redirect to www.magento.localhost.com.
#if ($host = 'example' ) {
#rewrite ^/(.*)$ http://www.example/$1permanent;
#}
root /var/www/example/;
auth_basic "Restricted website - authorised access only";
auth_basic_user_file /etc/nginx/.htpasswd;
location / {
index index.html index.htm index.php;
try_files $uri $uri/ @handler;
}
#include hhvm.conf; # INCLUDE HHVM HERE
# Deny access to specific directories no one
# in particular needs access to anyways.
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
# Allow only those who have a login name and password
# to view the export folder. Refer to /etc/nginx/htpassword.
#location /var/export/ {
# auth_basic "Restricted";
# auth_basic_user_file htpasswd;
# autoindex on;
#}
location ~* /magmi($|/) {
auth_basic "Restricted website - authorised access only";
auth_basic_user_file /etc/nginx/.htpasswd;
location ~ \.php$ {
if (!-e $request_filename) {
rewrite / /index.php last;
}
expires off;
# --PHP5-FPM CONFIG START (keep fastcgi_param HTTPS OFF)--
#fastcgi_pass unix:/var/run/php5-fpm.sock;
##fastcgi_param HTTPS $fastcgi_https;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# --PHP5-FPM CONFIG START--
# --HHVM CONFIG START--
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi_params;
try_files $uri $uri/ @handler;
# --HHVM CONFIG END--
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}
# Deny all attempts to access hidden files
# such as .htaccess, .htpasswd, etc...
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# This redirect is added so to use Magentos
# common front handler when handling incoming URLs.
location @handler {
rewrite / /index.php;
}
# Forward paths such as /js/index.php/x.js
# to their relevant handler.
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
##
# Rewrite for versioned CSS+JS via filemtime
##
location ~* ^.+\.(css|js)$ {
rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
##
# Aggressive caching for static files
# If you alter static files often, please use
# add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";
##
location ~* \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|odb|odc|odf|odg|odp|ods|odt|ogg|ogv|otf|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|t?gz|tif|tiff|ttf|wav|webm|wma|woff|wri|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}
# Handle the exectution of .php files.
location ~ .php$ {
if (!-e $request_filename) {
rewrite / /index.php last;
}
expires off;
# --PHP5-FPM CONFIG START (keep fastcgi_param HTTPS OFF)--
#fastcgi_pass unix:/var/run/php5-fpm.sock;
##fastcgi_param HTTPS $fastcgi_https;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# --PHP5-FPM CONFIG START--
# --HHVM CONFIG START--
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#include fastcgi_params;
try_files $uri $uri/ @handler;
# --HHVM CONFIG END--
fastcgi_param MAGE_RUN_CODE default;
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
}
答案1
~/. 是什么意思?
这当然在许多教程中都有解释:
以及官方文档:
http://nginx.org/en/docs/beginners_guide.html
http://nginx.org/en/docs/http/request_processing.html
~ 表示后面跟着一个正则表达式,而不是精确匹配。/. 表示转义点,因此是文字点,而不是正则表达式中的“任意字符”含义。这与 .thumb 的匹配方式类似,就像它与 .htaccess 和 .gitignore 的匹配方式一样
我怎样才能更好地重写这个块?
通过让它匹配您想要匹配的内容。例如,如果您只关心 .gitignore,您可以这样做:
~ /\.gitignore
我不太清楚这个块的作用或 ~* ^.+.(css|js)$ 是什么意思,我确信我只是从推荐它的某个人的博客上摘下来的。知道它在做什么吗?
当然,如果你花一点时间理解正则表达式,你也会这样做。
您现在知道 ~ 表示后面跟着一个正则表达式。星号表示正则表达式不区分大小写。其余部分可以通过许多方便的在线工具来解释,例如:
你把正则表达式放进去,然后输入你要匹配的字符串,也就是你的 js url。然后它会告诉你:
^ 断言字符串开头的位置
.+ 匹配任何字符(换行符除外)
量词:+ 一次至无限次之间,尽可能多次,根据需要返回 [贪婪]
. 逐字匹配字符 .
第一个捕获组 (css|js)
第一种方案:
css css 按字面意思匹配字符 css (区分大小写)
第二种选择:js
js 按字面意思匹配字符 js (区分大小写)
$ 断言字符串末尾的位置
你可能也想问如何改进这一点。这取决于你到底想实现什么。
这里的教训是:
1) 学习一些 RegExp 2) 不要只是“从推荐它的人的博客上删除它”这在 IT 世界中是危险的。
不要阅读随机博客,请尝试遵循(某种程度上)官方文档:
https://wiki.magento.com/display/m1wiki/Configuring+nginx+for+Magento+1.x
https://github.com/magenx/nginx-config/blob/master/magento/nginx.conf
Magento 2:https://github.com/magento/magento2/blob/develop/nginx.conf.sample