Nginx security configuration: Only access to index.php files is allowed
This article describes how to configure Nginx, only allow access to index.php files, and deny access to all other files or specific PHP files. This enhances server security and prevents unauthorized access.
Scenarios and requirements
Assuming that there are multiple PHP files (such as index.php and test.php ) in the server directory, we need to make sure that only index.php is accessible and other PHP files and other resources are blocked.
Configuration plan
We will provide two configuration solutions to meet different needs:
Scheme 1: Only access to /index.php is allowed, all other requests are denied
This solution is the most stringent, and any other requests except /index.php will be denied. This is suitable for scenarios with extremely high safety requirements.
server {
listen 80;
server_name 192.168.16.86;
root /home/wwwroot/web;
include enable-php.conf;
location = /index.php {
# Process index.php request try_files $uri $uri/ /index.php?$query_string;
}
location / {
deny all;
}
# ... Other location blocks (such as static resource processing) can be retained or removed as needed...
}
Solution 2: Allow access to /index.php and static resources, and reject other PHP files
This solution allows access to static resources (such as pictures, CSS, JS, etc.), and only allows access to index.php , denying access to other PHP files. This is more common in practical applications.
server {
listen 80;
server_name 192.168.16.86;
root /home/wwwroot/web;
include enable-php.conf;
location / {
# Handle static resource request try_files $uri $uri/ =404;
}
location ~ \.php$ {
deny all;
}
location = /index.php {
# Process index.php request try_files $uri $uri/ /index.php?$query_string;
}
# ... Other location blocks (such as static resource cache) can be retained or adjusted as needed...
}
Configuration instructions:
-
location = /index.php: Exactly matches the/index.phppath and only handles requests to the file. -
location ~ \.php$: Use regular expressions to match all files ending in.php. -
deny all: All requests are rejected. -
try_files: Try to find a file or directory, and perform subsequent operations if it is not found.
Which option you choose depends on your specific security needs. Solution 1 is more secure, but the restrictions are stricter; Solution 2 is both security and functionality. Please select and adjust the configuration according to the actual situation. Be sure to test the configuration to make sure it meets your expectations. Remember, safe configuration needs to be cautious and it is recommended to test it in a test environment before applying it to the production environment.
The above is the detailed content of How to configure only allow access to index.php files in Nginx?. For more information, please follow other related articles on the PHP Chinese website!
css ul标签怎么去掉圆点Apr 25, 2022 pm 05:55 PM在css中,可用list-style-type属性来去掉ul的圆点标记,语法为“ul{list-style-type:none}”;list-style-type属性可设置列表项标记的类型,当值为“none”可不定义标记,也可去除已有标记。
css与xml的区别是什么Apr 24, 2022 am 11:21 AM区别是:css是层叠样式表单,是将样式信息与网页内容分离的一种标记语言,主要用来设计网页的样式,还可以对网页各元素进行格式化;xml是可扩展标记语言,是一种数据存储语言,用于使用简单的标记描述数据,将文档分成许多部件并对这些部件加以标识。
css3怎么实现鼠标隐藏效果Apr 27, 2022 pm 05:20 PM在css中,可以利用cursor属性实现鼠标隐藏效果,该属性用于定义鼠标指针放在一个元素边界范围内时所用的光标形状,当属性值设置为none时,就可以实现鼠标隐藏效果,语法为“元素{cursor:none}”。
rtl在css是什么意思Apr 24, 2022 am 11:07 AM在css中,rtl是“right-to-left”的缩写,是从右往左的意思,指的是内联内容从右往左依次排布,是direction属性的一个属性值;该属性规定了文本的方向和书写方向,语法为“元素{direction:rtl}”。
css怎么实现英文小写转为大写Apr 25, 2022 pm 06:35 PM转换方法:1、给英文元素添加“text-transform: uppercase;”样式,可将所有的英文字母都变成大写;2、给英文元素添加“text-transform:capitalize;”样式,可将英文文本中每个单词的首字母变为大写。
css怎么设置i不是斜体Apr 20, 2022 am 10:36 AM在css中,可以利用“font-style”属性设置i元素不是斜体样式,该属性用于指定文本的字体样式,当属性值设置为“normal”时,会显示元素的标准字体样式,语法为“i元素{font-style:normal}”。
怎么设置rotate在css3的旋转中心点Apr 24, 2022 am 10:50 AM在css3中,可以用“transform-origin”属性设置rotate的旋转中心点,该属性可更改转换元素的位置,第一个参数设置x轴的旋转位置,第二个参数设置y轴旋转位置,语法为“transform-origin:x轴位置 y轴位置”。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
mPDF
mPDF is a PHP library that can generate PDF files from UTF-8 encoded HTML. The original author, Ian Back, wrote mPDF to output PDF files "on the fly" from his website and handle different languages. It is slower than original scripts like HTML2FPDF and produces larger files when using Unicode fonts, but supports CSS styles etc. and has a lot of enhancements. Supports almost all languages, including RTL (Arabic and Hebrew) and CJK (Chinese, Japanese and Korean). Supports nested block-level elements (such as P, DIV),
SublimeText3 English version
Recommended: Win version, supports code prompts!
MinGW - Minimalist GNU for Windows
This project is in the process of being migrated to osdn.net/projects/mingw, you can continue to follow us there. MinGW: A native Windows port of the GNU Compiler Collection (GCC), freely distributable import libraries and header files for building native Windows applications; includes extensions to the MSVC runtime to support C99 functionality. All MinGW software can run on 64-bit Windows platforms.
ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment
Zend Studio 13.0.1
Powerful PHP integrated development environment
