PHP hidden path NGINX: Keep your files and directories private

PHPz | Original | 2023-04-21 09:12:25

Protecting sensitive information on your website and ensuring user privacy and confidentiality is an important task in the web development process. For PHP developers, files and directories can be protected from direct access by setting hidden paths in NGINX. This article will explain how to use NGINX hidden paths to protect your PHP applications.

  1. What is a hidden path?

A hidden path is a security measure used to protect sensitive files and directories in PHP applications. It keeps the real directory path out of the URL, making it more difficult for malicious users to access these files and directories. Hidden paths can be implemented in NGINX with a file system link (symlink) or through regular expressions.

  2. Set up NGINX and PHP

Before setting the hidden path, make sure that NGINX and PHP are installed on your server. If you have not installed them yet, follow the steps below:

Install NGINX

sudo apt-get update
sudo apt-get install nginx

Install PHP

sudo apt-get install php7.0-fpm
sudo systemctl enable php7.0-fpm.service
sudo systemctl start php7.0-fpm.service

Once the above steps are complete, NGINX and PHP are installed. Next we will set up the hidden path.

  3. Using hidden paths

Hidden paths in NGINX are set mainly with the location and alias directives. The following is a sample configuration file; pay attention to the explanations in the comments:

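server {
    listen 80;
    server_name example.com;
    root /var/www/html;
    # Requests for /foo/ are mapped to the /var/www/html/bar/ directory
    location ^~ /foo/ {
        alias /var/www/html/bar/;
        index index.php;
        try_files $uri $uri/ /foo/index.php?$args;
        # ^~ stops NGINX from checking regex locations for /foo/ requests,
        # so PHP files under /foo/ need their own nested handler
        location ~ \.php$ {
            include fastcgi_params;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            # With alias, $request_filename is the mapped path on disk
            fastcgi_param SCRIPT_FILENAME $request_filename;
        }
    }
    # How PHP applications are handled
    location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

In the sample configuration above, alias maps the /foo/ path to the /var/www/html/bar directory, so the URL no longer shows the directory path /var/www/html/bar. When a PHP file under /foo/ is requested, such as /foo/abc.php, the nested location passes it to PHP-FPM through the fastcgi_pass directive. The nested block is required because the ^~ modifier stops NGINX from checking regular-expression locations for /foo/ requests; without it, PHP files under /foo/ would be returned as plain files. Because /var/www/html/bar also lies under root, it stays reachable at /bar/ unless the directory is moved outside the document root or /bar/ is denied in its own location block.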

  4. Configuring directory permissions

When using hidden paths, you also need to consider directory permissions. If the permissions of a directory are incorrect, it may be directly accessible through other means. To keep hidden paths secure, set directory permissions according to the following rules:

  • Set the correct group permissions between the web server user and the PHP-FPM user;
  • Make sure that the owner of each directory and file is the user you intend to authorize;
  • Make sure that the files and directories are readable and writable for the PHP-FPM user;
  • Follow the principle of least privilege and authorize only the necessary files and directories.
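
The rules above can be checked mechanically. The following shell function is an added example, not part of the original article; the name audit_perms, the rule that "other" gets no access at all, and the www-data accounts in the usage comment are assumptions of this example.

```shell
#!/usr/bin/env bash
# Added example: audit a directory served through an alias against the
# permission rules listed above.
#
# Usage: audit_perms DIR OWNER GROUP
#   OWNER  expected owner (name or numeric id), assumed to be the PHP-FPM user
#   GROUP  expected group (name or numeric id), assumed shared with NGINX
# e.g.   audit_perms /var/www/html/bar www-data www-data   (assumed accounts)
#
# Prints one "<finding> <path>" line per problem and returns 1 if any
# problem was found, 0 if the tree is clean, 2 if DIR is not a directory.
audit_perms() {
    local dir=$1 owner=$2 group=$3 findings
    [ -d "$dir" ] || { echo "not-a-directory $dir" >&2; return 2; }

    # Symlinks are skipped: their own mode bits are not meaningful.
    findings=$(
        # Writable by every local account: always a finding.
        find "$dir" ! -type l -perm -0002 | sed 's/^/world-writable /'
        # Least privilege (assumption of this example): "other" may not
        # read, write or traverse anything under the aliased directory.
        find "$dir" ! -type l \( -perm -0004 -o -perm -0002 -o -perm -0001 \) |
            sed 's/^/other-access /'
        # Owner and group must be the accounts that were authorized on purpose.
        find "$dir" ! -type l \( ! -user "$owner" -o ! -group "$group" \) |
            sed 's/^/wrong-owner /'
    )

    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}
```

A non-zero exit status makes the function usable as a gate in a deployment script, so a release that loosens permissions on the aliased directory fails before NGINX is reloaded.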

  5. Summary

Setting a hidden path in NGINX lets you conceal sensitive files and directories of a web application and improve security. To use it, first make sure that NGINX and PHP are installed on the server, then configure the path with the location and alias directives in the NGINX configuration file.

While using hidden paths, don’t forget to set the correct directory permissions to better protect your files and directories. Using this technique can make web applications more secure and prevent unwanted files and directories from being accessed by outsiders.
