我需要你帮助设置位置允许,
location /route {
deny [my-ip];
}
所以这是可行的,它不允许我访问路线
抛出此错误
403 Forbidden
nginx/1.10.0 (Ubuntu)
和这个...
location /route {
allow [my-ip];
deny all;
}
不让我访问,但它应该让我访问路线,不明白为什么,它显示此错误
404 Not Found
nginx/1.10.0 (Ubuntu)
配置文件(带有两个路线示例):
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/laravel/public;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm;
server_name [my-domain];
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
# Phpmyadmin Configurations
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_param HTTPS on; # <-- add this line
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.
(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
# Dealing with the uppercased letters
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /logs {
deny [myip];
}
location /admin {
allow [myip];
deny all;
}
}
答案1
我不相信这是否特别安全,因为/index.php
脚本仍然不受保护。但是您正在覆盖块try_files
中的语句location /
,因此您应该将其添加到新location
块中:
location /admin {
allow [my-ip];
deny all;
try_files $uri $uri/ /index.php?$query_string;
}