我有一个 nginx 服务器,似乎一切都可以工作,但是当我为目录添加身份验证时,服务器返回下载的 php 代码。
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl;
root /var/www/html;
index index.php index.html index.htm;
server_name _;
location ^~ /auth/ {
try_files $uri $uri/ =404;
auth_basic "Auth";
auth_basic_user_file /etc/nginx/.htpasswd;
}
location / {
try_files $uri $uri/ =404;
}
location ~ /\. {
deny all;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|store) {
deny all;
return 403;
}
location ~* \.(gif|jpe?g|png|css)$ {
expires 30d;
}
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header Strict-Transport-Security 'max-age=31536000; preload';
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'";
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;
location ~ /\.ht {
deny all;
}
}
没有位置 ^~/auth/一切都好。 我在不同的浏览器中都经历过这种情况。
最佳答案
nginx processes a request通过选择位置。新的位置不包含执行PHP所需的代码。您应该添加 nested location block在 /auth/ 目录中处理 PHP。
location ^~ /auth/ {
try_files $uri $uri/ =404;
auth_basic "Auth";
auth_basic_user_file /etc/nginx/.htpasswd;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
...
location ~ \.php$ { ... }
关于php - nginx服务器配置返回php代码,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42752660/