我在网上读到的每个 LEMP 堆栈 Nginx 配置教程都说你需要将此代码添加到 try_files 指令中
try_files $uri $uri/ /index.php$is_args$args;
但这段代码的问题在于我的自定义 404 页面将不再显示。显然,问题是由于 try_files 回退到 index.php - 但我不喜欢 example.com/nothing/to/see/here 被重定向到主页的行为
如果我将 try_files 指令更改为......
try_files $uri $uri/ =404;
...它完全按照预期运行。我的 PHP 脚本仍可运行,因为我的配置中也有这个:
location ~* \.php$ {
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
我的问题是,为什么所有在线教程都坚持:
try_files $uri $uri/ /index.php$is_args$args; ????
我甚至注释掉了 try_files,我的网站仍然正常运行
#try_files $uri $uri/ /index.php$is_args$args;
考虑到 try_files 在注释掉之后仍能按预期工作,它是否有必要?
我正在尝试组织我的 nginx.conf 和 site.conf 文件,以便在设置新服务器时有一个主文件可以作为工作依据。
完整的 nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
fastcgi_intercept_errors on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# SSL Settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Logging Settings
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
#Gzip Compression
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
text/javascript application/javascript application/x-javascript
text/x-json application/json application/x-web-app-manifest+json
text/css text/plain text/x-component
font/opentype application/x-font-ttf application/vnd.ms-fontobject
image/x-icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
还有我的完整 site.conf
server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}
server {
listen 443;
server_name www.example.com;
ssl on;
ssl_certificate_key /etc/sslmate/example.com.key;
ssl_certificate /etc/sslmate/example.com.chained.crt;
return 301 https://example.com$request_uri;
}
server {
listen 443;
server_name example.com;
root /home/garrett/domains/example.com/public_html;
access_log /home/garrett/domains/example.com/logs/access.log;
error_log /home/garrett/domains/example.com/logs/error.log;
index index.php index.html index;
error_page 404 /404.php;
ssl on;
ssl_certificate_key /etc/sslmate/example.com.key;
ssl_certificate /etc/sslmate/example.com.chained.crt;
# Recommended security settings from https://wiki.mozilla.org/Securit/Server_Side_TLS
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES1$
ssl_prefer_server_ciphers on;
ssl_dhparam /usr/share/sslmate/dhparams/dh2048-group14.pem;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:5m;
# Enable this if you want HSTS (recommended)
add_header Strict-Transport-Security max-age=15768000;
location / {
#try_files $uri $uri/ /index.php$is_args$args;
try_files $uri $uri/ =404;
}
location ~* \.php$ {
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
答案1
此特定调用try_files(以及类似的调用)支持前端控制器模式,其中无论 URL 如何都会调用单个 PHP 文件,因此您设计的 URL 路径可以是任意的(并且对搜索引擎友好)。
听起来你没有使用这种模式,而只是为每个 URL 创建不同的 PHP 文件。只有最简单的程序才应该这样做。现在就停下来,重新设计你的应用程序,趁你还可以轻松做到这一点。