
nginx rule for specific php file

I use nginx with modsecurity and php-fpm on my web server.

I use OWASP ModSecurity Core Rule Set.

I'm trying to use some specific rules for one php file (contact.php)

Here is my nginx config:

    location /contact.php {
        ModSecurityEnabled on;
        ModSecurityConfig ../owasp-modsecurity-crs/modsecurity_rule1.conf; # Specific rules for this file
    }

    location ~ \.php$ {
        root /home/user/public_html;
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9001;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_script_name;
        include fastcgi_params;
        ModSecurityEnabled on;
        ModSecurityConfig ../owasp-modsecurity-crs/modsecurity.conf;
    }

When I run with this config I get "500 Internal Server Error"

And this error in php-fpm's error.log file:

2015/01/28 05:43:01 [alert] 1395#0: *1 no upstream configuration, client: IPAdress, server: example.com, request: "POST /contact.php HTTP/1.1", host: "www.example.com", referrer: "https://www.example.com/"

I guess there is a confusion with the two "location" blocks.

How to figure this out?

location /contact.php has no upstream configured. You must copy-paste all remaining directives from the second location,

or if you want to keep it DRY maybe this will work:

    http {
        # Pick the ModSecurity rule file based on the requested URI
        map $request_uri $mod_sec_config {
            /contact.php modsecurity_rule1.conf;
            default      modsecurity.conf;
        }
    }
    # .....
    location ~ \.php$ {
        root /home/user/public_html;
        try_files $uri =404;
        fastcgi_pass 127.0.0.1:9001;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_script_name;
        include fastcgi_params;
        ModSecurityEnabled on;
        # Variable name must match the one defined by the map block
        ModSecurityConfig ../owasp-modsecurity-crs/$mod_sec_config;
    }

Not sure if this will work though, and according to the nginx authors copy-paste is the right way of writing configs.
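The first suggestion above (repeating the PHP-FPM directives in the contact.php location), written out as an added example that is not part of the original answer. It assumes the shared directives are moved into an include file whose name, `php_fpm_common.conf`, is hypothetical, and it uses an exact-match `location =` so that this block, rather than the regex location, is selected for `/contact.php`.

```nginx
# --- php_fpm_common.conf (hypothetical file name) ---
# Contents, copied from the question's regex location:
#
#   root /home/user/public_html;
#   try_files $uri =404;
#   fastcgi_pass 127.0.0.1:9001;
#   fastcgi_index index.php;
#   fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#   fastcgi_param PATH_INFO $fastcgi_script_name;
#   include fastcgi_params;

# --- server block ---

# Exact match: nginx stops searching here, so the regex location
# below is never considered for /contact.php.
location = /contact.php {
    include php_fpm_common.conf;   # upstream (fastcgi_pass) is now defined

    ModSecurityEnabled on;
    # Rule set specific to this file (path from the question)
    ModSecurityConfig ../owasp-modsecurity-crs/modsecurity_rule1.conf;
}

# Every other PHP script keeps the default rule set.
location ~ \.php$ {
    include php_fpm_common.conf;

    ModSecurityEnabled on;
    ModSecurityConfig ../owasp-modsecurity-crs/modsecurity.conf;
}
```

Run `nginx -t` after editing to confirm the configuration parses before reloading.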
