在让我列出我尝试过的内容之前:
我在我的主目录内的子目录上执行 php 代码时遇到问题。
在 Nginx 我得到这个
2016/08/23 09:13:40 [error] 39170#0: *13 FastCGI sent in stderr: "Access to the script
'/Users/user/portal3' has been denied (see security.limit_extensions)" while reading
response header from upstream, client: 127.0.0.1, server: localhost, request:
"GET /portal/v3/index.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "localhost"
在 php-fpm 这显示
[23-Aug-2016 09:13:40] WARNING: [pool dev] child 8305 said into stderr: "NOTICE: Access to the script '/Users/user/portal3' has been denied (see security.limit_extensions)"
我已经尝试了所有方法,但在 Mac 上使用 Nginx/PHP-FPM 运行 php 没有任何成功
Ngnix 和 PHP-FPM 以 root 身份运行
PHP-FPM 它配置了两个池:
php-fpm.ini
[dev]
user=user
group=staff
listen=127.0.0.1:9001
listen.mode = 0666
pm = ondemand
pm.max_children = 10
pm.process_idle_timeout = 10s
pm.status_path = /status_user
catch_workers_output = yes
security.limit_extensions = .php
默认(在站点上可用)Nginx
server {
listen 80;
server_name localhost;
###root /var/www/;
access_log /usr/local/etc/nginx/logs/default.access.log main;
access_log /usr/local/etc/nginx/logs/default.scripts.log scripts;
location /portal/v3 {
alias /Users/user/portal3;
location ~ ^/portal/v3/(.+\.php)(/.*)$ {
#alias /Users/user/portal3;
index index.php;
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$2;#$fastcgi_script_name;
include fastcgi_params;
}
}
location = /info {
allow 127.0.0.1;
deny all;
rewrite (.*) /.info.php;
}
location / {
root /var/www/;
index index.php index.html index.htm;
include /usr/local/etc/nginx/conf.d/php-fpm;
}
error_page 404 /404.html;
error_page 403 /403.html;
}
我已经使用 Homebrew 软件安装了所有东西。现在我的想法不多了,我来这里是为了寻求帮助。
最佳答案
在您的 PHP-FPM config你有一个指令叫 security.limit_extensions
Limits the extensions of the main script FPM will allow to parse. This can prevent configuration mistakes on the web server side. You should only limit FPM to .php extensions to prevent malicious users to use other extensions to execute php code. Default value: .php.
在你的情况下,因为你的
location
块不包含 index
指令,nginx 不知道使用 index.php
作为路径指向/Users/user/portal3
时的默认索引文件.相反,它尝试将其作为 PHP 脚本执行,而 PHP-FPM 提出了 /Users/user/portal3
的安全限制。没有 .php 扩展名。您的位置块应该看起来更像这样......
location /portal/v3 {
alias /Users/user/portal3;
index index.php;
location ~ ^/portal/v3/(.+\.php)(/.*)$ {
fastcgi_param HTTP_PROXY "";
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$2;#$fastcgi_script_name;
include fastcgi_params;
}
}
关于php - 对脚本 '/path/to/script.php' 的访问已被拒绝(请参阅 security.limit_extensions),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39104150/