我对管理面板的位置限制在 Nginx 中不起作用

我对管理面板的位置限制在 Nginx 中不起作用

我的网站位于https://www.example.com ,CMS 面板位于

https://www.example.com/administrator-> 301 ->
https://www.example.com/administrator/-> 302
https://www.example.com/administrator/Login.aspx?Session=Out

我正在尝试限制对 /administrator 的访问,但这不起作用 - 有人可以帮忙吗?

location ~*/administrator {
allow 10.0.0.0/8;
deny all;
}

以下是日志

192.168.5.232 - - [20/Apr/2023:09:17:57 +0530] "GET /administrator/ HTTP/2.0" 302 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0"
192.168.5.232 - - [20/Apr/2023:09:17:57 +0530] "GET /administrator/Login.aspx?Session=Out HTTP/2.0" 200 2448 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0"

这是错误日志

2023/04/20 09:15:34 [notice] 4810#4810: *467 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/error HTTP/2.0", host: "www.example.com", referrer: "https://www.example.com/administrator/Login.aspx?Session=Out"
2023/04/20 09:17:57 [notice] 4962#4962: *513 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/ HTTP/2.0", host: "www.example.com"
2023/04/20 09:17:57 [notice] 4962#4962: *513 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/Login.aspx?Session=Out HTTP/2.0", host: "www.example.com"

答案1

这里不需要正则表达式。只需目录就可以了

location /administrator/ {
allow 10.0.0.0/8;
deny all;
}

而且您在后面缺少一个空白~*,这很可能是实际问题。

相关内容