[英]Nginx configuration to deny access to private Laravel folders
Every answer or tutorial about nginx configuration on Laravel has something like that: 关于Laravel上的Nginx配置的每个答案或教程都有类似的内容:
location ~ \.php {
# fastcgi stuff ...
}
If the Laravel framework has a unique entry point (the public index.php
), wouldn't it be this definition more accurate? 如果Laravel框架具有唯一的入口点(公共index.php
),这个定义难道不是更准确吗?
location ~ index\.php {
# fastcgi stuff ...
}
In a context where you have your app deployed on a subfolder, the first configuration it's allowing the access on every php private file, even if I have already defined a deny all
rule over the private folder. 在将应用程序部署在子文件夹中的情况下,第一个配置是允许访问每个php私有文件,即使我已经定义了对私有文件夹的deny all
规则。
I'm wrong with anything? 我有什么事吗
There is another way to define a fully deny access over a folder? 还有另一种方法来定义对文件夹的完全拒绝访问?
If you want deny access to files in your private folder (eg /private
) add this to your config for virtual host: 如果要拒绝访问私有文件夹中的文件(例如/private
),请将其添加到虚拟主机的配置中:
Case sensitive 区分大小写
location ~ ^/private/(.*)\.php$ {
deny all;
}
Case insensitive: 不区分大小写:
location ~* ^/private/(.*)\.php$ {
deny all;
}
This returns 403 all requests to /private/something.php
, /private/something/something.php
and so on. 这将返回403个的所有请求/private/something.php
, /private/something/something.php
等。 But requests to /private/something
will work. 但是对/private/something
请求将起作用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.