我的 nginx 配置如下所示:
location / {
satisfy any;
allow SOME_IP_ADDRESS;
allow SOME_IP_ADDRESS;
allow SOME_IP_ADDRESS;
deny all;
auth_basic "Restricted";
auth_basic_user_file SOME_PATH/.htpasswd;
include /etc/nginx/mime.types;
try_files $uri $uri/ @handler;
}
location ~ .php$ {
satisfy any;
allow SOME_IP_ADDRESS;
allow SOME_IP_ADDRESS;
allow SOME_IP_ADDRESS;
deny all;
auth_basic "Restricted";
auth_basic_user_file SOME_PATH/.htpasswd;
add_header X-UA-Compatible 'IE=Edge,chrome=1';
try_files $uri $uri/ =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
include fastcgi_params;
}
目前的结果是,只有列出的IP才可以访问该网站,无需进行身份验证。
我想保持这种方式,但如果请求的 URI 包含特定字符串,也允许每个人跳过授权。
例如:任何人输入domain.com/...SOME-STRING...都可以跳过授权。
- 任何想法?