我正在尝试设置 nginx,因此“static.domain.com”只能提供图像。这是我想出的,但我知道它可以更有效地完成。如果有人试图访问任何 .htm、.php、目录(我还缺少什么?)文件,我想提供 403.html。当然,403.htm 和 static.htm 文件除外。
任何想法如何正确保护它?
server {
listen xx.xx.xx.xx:80;
server_name static.domain.com;
root /www/domain.com/httpdocs;
index static.htm;
access_log off;
error_log /dev/null crit;
error_page 403 /403.html;
# Disable access to .htaccess or any other hidden file
location ~ /\.ht {
deny all;
}
location ~* \.php {
deny all;
}
# Serve static files directly from nginx
location ~* \.(jpg|jpeg|gif|png|bmp|ico|pdf|flv|swf|exe|html|htm|txt|css|js) {
add_header Cache-Control public;
add_header Cache-Control must-revalidate;
expires 7d;
}
}
最佳答案
为什么不向上移动图像然后否认所有?
location ~* \.(jpg|jpeg|gif|png|bmp|ico|pdf|flv|swf|exe|html|htm|txt|css|js) {
add_header Cache-Control public;
add_header Cache-Control must-revalidate;
expires 7d;
}
location / {
deny all;
}
there is no syntax for NOT matching a regular expression. Instead, match the target regular expression and assign an empty block, then use location / to match anything else. -From http://wiki.nginx.org/HttpCoreModule#location
编辑:从“位置/”中删除“=”
引用文档:
location = / {
# matches the query / *only.*
}
location / {
# matches *any query*, since all queries begin with /, but regular
# expressions and any longer conventional blocks will be
# matched first.
}
我的不好。
关于nginx - 只提供图像,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/10309357/