我需要帮助来回忆我做了什么来允许 Plesk 使用.htaccess。我最近更改了域上的 PHP 上传文件大小,突然我的.htaccess指令停止工作。这意味着我“修复”了某些内容(可能是在)httpd.conf,但愚蠢地没有将修复传播到不会被 Plesk 自动覆盖的文件。(是的,白痴......)
我的.htaccess文件有一系列条目,如下所示。这就是它的全部内容。目的是让我能够像example.com/command执行文件一样执行它。我已经这样做了几十年。如果您能原谅我,如果您的回答是“不要这样做……”之类的话,请克制自己。谢谢。commandcommand.php
.htaccess
<Files support>
SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000
</Files>
我尝试根据 Plesk 的说明将这些条目发布到 Apache“附加指令”字段中(创建文件vhosts.conf,我重新配置以便正确包含它)但无济于事。
http配置文件
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
#IF YOU REQUIRE TO APPLY CUSTOM MODIFICATIONS, PERFORM THEM IN THE FOLLOWING FILES:
#/var/www/vhosts/system/example.com/conf/vhost.conf
#/var/www/vhosts/system/example.com/conf/vhost_ssl.conf
<IfModule mod_ssl.c>
<VirtualHost 216.55.178.166:7081 >
ServerName "example.com:443"
ServerAlias "www.example.com"
ServerAlias "ipv4.example.com"
ServerAdmin "[email protected]"
UseCanonicalName Off
DocumentRoot "/var/www/vhosts/example.com/web"
CustomLog /var/www/vhosts/system/example.com/logs/access_ssl_log plesklog
ErrorLog "/var/www/vhosts/system/example.com/logs/error_log"
<IfModule mod_suexec.c>
SuexecUserGroup "me_phelps" "psacln"
</IfModule>
<IfModule mod_userdir.c>
UserDir "/var/www/vhosts/example.com/web_users/*"
</IfModule>
<IfModule mod_sysenv.c>
SetSysEnv PP_VHOST_ID "199da76e-b413-4968-8251-301b780838f1"
</IfModule>
ScriptAlias "/cgi-bin/" "/var/www/vhosts/example.com/web/cgi-bin/"
Alias "/plesk-stat" "/var/www/vhosts/system/example.com/statistics"
<Location /plesk-stat/>
Options +Indexes
</Location>
<Location /plesk-stat/logs/>
Require valid-user
</Location>
Alias /webstat /var/www/vhosts/system/example.com/statistics/webstat
Alias /webstat-ssl /var/www/vhosts/system/example.com/statistics/webstat-ssl
Alias /ftpstat /var/www/vhosts/system/example.com/statistics/ftpstat
Alias /anon_ftpstat /var/www/vhosts/system/example.com/statistics/anon_ftpstat
Alias /awstats-icon /var/www/html/awstats/icon
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certW5TKkGV
<Directory /var/www/vhosts/example.com/web>
<IfModule mod_fcgid.c>
<Files ~ (\.fcgi$)>
SetHandler fcgid-script
Options +ExecCGI
</Files>
</IfModule>
<IfModule mod_proxy_fcgi.c>
<Files ~ (\.php$)>
SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000
</Files>
</IfModule>
SSLRequireSSL
Options -Includes +ExecCGI
</Directory>
<Directory "/var/www/vhosts/system/example.com/statistics">
AuthType Basic
AuthName "Domain statistics"
AuthUserFile "/var/www/vhosts/system/example.com/pd/d..httpdocs@plesk-stat"
require valid-user
</Directory>
Alias /error_docs /var/www/vhosts/example.com/error_docs
ErrorDocument 400 /error_docs/bad_request.html
ErrorDocument 401 /error_docs/unauthorized.html
ErrorDocument 403 /error_docs/forbidden.html
ErrorDocument 404 /error_docs/not_found.html
ErrorDocument 500 /error_docs/internal_server_error.html
ErrorDocument 405 /error_docs/method_not_allowed.html
ErrorDocument 406 /error_docs/not_acceptable.html
ErrorDocument 407 /error_docs/proxy_authentication_required.html
ErrorDocument 412 /error_docs/precondition_failed.html
ErrorDocument 414 /error_docs/request_uri_too_long.html
ErrorDocument 415 /error_docs/unsupported_media_type.html
ErrorDocument 501 /error_docs/not_implemented.html
ErrorDocument 502 /error_docs/bad_gateway.html
ErrorDocument 503 /error_docs/maintenance.html
DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"
Include "/var/www/vhosts/system/example.com/conf/vhost_ssl.conf"
<Directory /var/www/vhosts/example.com>
AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC
</Directory>
</VirtualHost>
</IfModule>
<VirtualHost 216.55.178.166:7080 >
ServerName "example.com:80"
ServerAlias "www.example.com"
ServerAlias "ipv4.example.com"
ServerAdmin "[email protected]"
UseCanonicalName Off
DocumentRoot "/var/www/vhosts/example.com/web"
CustomLog /var/www/vhosts/system/example.com/logs/access_log plesklog
ErrorLog "/var/www/vhosts/system/example.com/logs/error_log"
<IfModule mod_suexec.c>
SuexecUserGroup "me_phelps" "psacln"
</IfModule>
<IfModule mod_userdir.c>
UserDir "/var/www/vhosts/example.com/web_users/*"
</IfModule>
<IfModule mod_sysenv.c>
SetSysEnv PP_VHOST_ID "199da76e-b413-4968-8251-301b780838f1"
</IfModule>
ScriptAlias "/cgi-bin/" "/var/www/vhosts/example.com/web/cgi-bin/"
Redirect permanent /plesk-stat https://example.com/plesk-stat
Redirect permanent /webstat https://example.com/webstat
Redirect permanent /webstat-ssl https://example.com/webstat-ssl
Redirect permanent /ftpstat https://example.com/ftpstat
Redirect permanent /anon_ftpstat https://example.com/anon_ftpstat
Redirect permanent /awstats-icon https://example.com/awstats-icon
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory /var/www/vhosts/example.com/web>
<IfModule mod_fcgid.c>
<Files ~ (\.fcgi$)>
SetHandler fcgid-script
Options +ExecCGI
</Files>
</IfModule>
<IfModule mod_proxy_fcgi.c>
<Files ~ (\.php$)>
SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000
</Files>
</IfModule>
Options -Includes +ExecCGI
</Directory>
<Directory "/var/www/vhosts/system/example.com/statistics">
AuthType Basic
AuthName "Domain statistics"
AuthUserFile "/var/www/vhosts/system/example.com/pd/d..httpdocs@plesk-stat"
require valid-user
</Directory>
Alias /error_docs /var/www/vhosts/example.com/error_docs
ErrorDocument 400 /error_docs/bad_request.html
ErrorDocument 401 /error_docs/unauthorized.html
ErrorDocument 403 /error_docs/forbidden.html
ErrorDocument 404 /error_docs/not_found.html
ErrorDocument 500 /error_docs/internal_server_error.html
ErrorDocument 405 /error_docs/method_not_allowed.html
ErrorDocument 406 /error_docs/not_acceptable.html
ErrorDocument 407 /error_docs/proxy_authentication_required.html
ErrorDocument 412 /error_docs/precondition_failed.html
ErrorDocument 414 /error_docs/request_uri_too_long.html
ErrorDocument 415 /error_docs/unsupported_media_type.html
ErrorDocument 501 /error_docs/not_implemented.html
ErrorDocument 502 /error_docs/bad_gateway.html
ErrorDocument 503 /error_docs/maintenance.html
DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml"
Include "/var/www/vhosts/system/example.com/conf/vhost.conf"
<Directory /var/www/vhosts/example.com>
AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC
</Directory>
</VirtualHost>
我考虑过改成AllowOverride,All但使用 该vhost.conf文件应该可以工作,即使没有它,不是吗? 该vhost.conf文件对我来说是一个非常合适的解决方案,因为它可以恢复我心爱的.htacess功能(尽管性能受到影响)。 但就目前而言,尝试执行example.com/support会导致Access Prohibited错误。 当我查看我的错误文件时,我发现...
example.com/logs/error_log
[proxy_fcgi:error] [pid 19834] [client 67.161.220.240:48094] AH01071: Got error 'Access to the script '/var/www/vhosts/example.com/web/support' has been denied (see security.limit_extensions)\n'
请注意,我尝试过将其设置security.limit_extensions =为空白,但同样不起作用。我了解安全限制,但我在自己的服务器上工作,所以我愿意承担风险。
example.com/log/proxy_error_log (nginx)
[error] 27192#0: *115850 connect() failed (111: Connection refused) while connecting to upstream, client: 46.17.42.140, server: exammple.com, request: "POST /support/contact_us HTTP/1.1", upstream: "http://1.1.1.1:7080/support/contact_us", host: "example.com"
并且,为了彻底起见,nginx 配置文件。
nginx.conf
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen 216.55.178.166:443 ssl;
server_name example.com;
server_name www.example.com;
server_name ipv4.example.com;
ssl_certificate /usr/local/psa/var/certificates/certW5TKkGV;
ssl_certificate_key /usr/local/psa/var/certificates/certW5TKkGV;
client_max_body_size 128m;
root "/var/www/vhosts/example.com/web";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
location / {
proxy_pass https://216.55.178.166:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/example.com/web/;
internal;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
proxy_pass https://216.55.178.166:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
add_header X-Powered-By PleskLin;
}
server {
listen 216.55.178.166:80;
server_name example.com;
server_name www.example.com;
server_name ipv4.example.com;
client_max_body_size 128m;
root "/var/www/vhosts/example.com/web";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
location / {
proxy_pass http://216.55.178.166:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/example.com/web/;
internal;
}
location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) {
proxy_pass http://216.55.178.166:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
add_header X-Powered-By PleskLin;
}
答案1
这是惊人的在我们这个复杂的小世界里,有些事物是如何运作的,有些则不然。
我确实需要添加以下内容:
[php-fpm-pool-settings]
security.limit_extensions =
问题在于,Plesk 的“PHP 设置”下的“附加指令”字段显然什么也没做。好吧,也许它起了点作用,但无论它起了什么作用,都没有用。
我必须手动创建一个/var/www/vhosts/system/example.com/conf/php.ini文件并向其中添加上述两行。然后,我必须通过 Plesk 的“PHP 设置”页面“应用”空更改(无论是否实际更改了任何内容),以便正确组合所有配置并重新启动正确的服务...
然后它就成功了。
我花了两天时间追踪这个丑陋的怪物,因为 Plesk 的“附加指令”字段并不像广告中说的那样工作。
干杯,朋友们。