Nginx配置拒绝访问私有Laravel文件夹
[英]Nginx configuration to deny access to private Laravel folders
问题描述
Every answer or tutorial about nginx configuration on Laravel has something like that: 
关于Laravel上的Nginx配置的每个答案或教程都有类似的内容:
location ~ \.php {
# fastcgi stuff ...
}
If the Laravel framework has a unique entry point (the public index.php ), wouldn't it be this definition more accurate? 如果Laravel框架具有唯一的入口点(公共index.php ),这个定义难道不是更准确吗?
location ~ index\.php {
# fastcgi stuff ...
}
In a context where you have your app deployed on a subfolder, the first configuration it's allowing the access on every php private file, even if I have already defined a deny all rule over the private folder. 在将应用程序部署在子文件夹中的情况下,第一个配置是允许访问每个php私有文件,即使我已经定义了对私有文件夹的deny all规则。
I'm wrong with anything? 我有什么事吗
There is another way to define a fully deny access over a folder? 还有另一种方法来定义对文件夹的完全拒绝访问?
1 个解决方案
解决方案1
2 已采纳 2015-12-02 09:25:27
If you want deny access to files in your private folder (eg /private ) add this to your config for virtual host: 如果要拒绝访问私有文件夹中的文件(例如/private ),请将其添加到虚拟主机的配置中:
Case sensitive 区分大小写
location ~ ^/private/(.*)\.php$ {
deny all;
}
Case insensitive: 不区分大小写:
location ~* ^/private/(.*)\.php$ {
deny all;
}
This returns 403 all requests to /private/something.php , /private/something/something.php and so on. 这将返回403个的所有请求/private/something.php , /private/something/something.php等。 But requests to /private/something will work. 但是对/private/something请求将起作用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.