How does Nginx block access to PHP?
<p>Access to PHP scripts can be blocked in several ways in the Nginx server configuration. Below are some common methods; choose the one that fits your actual needs:</p>
<p>1 <strong>Disable PHP parsing:</strong> In the Nginx configuration, make sure PHP scripts cannot be parsed, which prevents PHP from executing.</p>
<pre><code>location ~ \.php$ {
    deny all;
}</code></pre>
<p>2 <strong>Restrict the access path:</strong> Allow access only to PHP scripts under a specific path and forbid all other paths.</p>
<pre><code>location /public {
    # Allow access to PHP scripts under /public
    location ~ \.php$ {
        fastcgi_pass unix:/var/run/php-fpm.sock;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    }
}

# Forbid access to PHP scripts on other paths
location ~ \.php$ {
    deny all;
}</code></pre>
<p>3 <strong>Use HTTP Basic authentication:</strong> Require the user to supply a user name and password to access PHP scripts.</p>
<pre><code>location ~ \.php$ {
    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd;  # password file generated with htpasswd
    # ...
}</code></pre>
<p>4 <strong>IP address access control:</strong> Allow only specific IP addresses to access PHP scripts.</p>
<pre><code>location ~ \.php$ {
    allow 192.168.1.1;  # allowed IP address
    deny all;           # forbid all other IP addresses
    # ...
}</code></pre>
<p>5 <strong>Referer check:</strong> Check the HTTP Referer header and allow only requests from specific sources. The Referer header is supplied by the client, so this is a filter rather than authentication.</p>
<pre><code>location ~ \.php$ {
    valid_referers none blocked example.com;  # allowed Referer values
    if ($invalid_referer) {
        return 403;  # reject an invalid Referer
    }
    # ...
}</code></pre>
<p>6 <strong>User-Agent check:</strong> Check the User-Agent header and reject requests from unwanted User-Agents. Like the Referer, the User-Agent header is supplied by the client.</p>
<pre><code>location ~ \.php$ {
    if ($http_user_agent ~* (bad-agent|another-bad-agent)) {
        return 403;  # reject bad User-Agents
    }
    # ...
}</code></pre>
<p>7 <strong>URL matching:</strong> Match the URL with a regular expression and allow only specific URLs to reach PHP.</p>
<pre><code>location ~ \.php$ {
    # Only the allowed URL path passes; the test is negated so that
    # "return 403" does not run for every request
    if ($request_uri !~* ^/allowed-path/) {
        return 403;  # other paths are forbidden
    }
    # ...
}</code></pre>
<p>8 <strong>File type matching:</strong> Allow only PHP files of a specific file type to execute.</p>
<pre><code>location ~ \.php$ {
    # Only the allowed file type passes; the test is negated so that
    # "return 403" does not run for every request
    if ($request_filename !~* \.php$) {
        return 403;  # forbid other file types
    }
    # ...
}</code></pre>
<p>9 <strong>Set file permissions:</strong> Restrict access to PHP scripts through file system permissions.</p>
<pre><code>location ~ \.php$ {
    # Set the files' access permissions to 600 or higher
    # (done on the file system, not with an Nginx directive)
    # ...
}</code></pre>
<p>10 <strong>Use the Nginx map module:</strong> Use the Nginx map module to forbid PHP access based on a condition.</p>
<pre><code>map $remote_addr $php_disabled {
    default 1;            # every other address is blocked
    192.168.1.1 0;        # allowed IP address
    ~^192\.168\.2\. 0;    # allowed IP address range
}

location ~ \.php$ {
    if ($php_disabled) {
        return 403;  # access forbidden
    }
    # ...
}</code></pre>
<p>11 <strong>Use the Nginx geo module:</strong> Use the Nginx geo module to forbid PHP access by geographic location. The geo module matches client addresses and CIDR ranges, not country codes, so each allowed country or region is listed by its address ranges.</p>
<pre><code>geo $allowed_country {
    default         0;
    203.0.113.0/24  1;  # placeholder range standing in for an allowed country or region (US)
    198.51.100.0/24 1;  # placeholder range standing in for an allowed country or region (CA)
}

location ~ \.php$ {
    if ($allowed_country = 0) {
        return 403;  # access forbidden
    }
    # ...
}</code></pre>
<p>12 <strong>Forbid specific HTTP methods:</strong> Allow only specific HTTP methods to access PHP scripts.</p>
<pre><code>location ~ \.php$ {
    if ($request_method !~ ^(GET|POST)$) {
        return 403;  # forbid other methods
    }
    # ...
}</code></pre>
<p>13 <strong>Restrict access time:</strong> Allow access to PHP scripts only during a specific time window.</p>
<pre><code>location ~ \.php$ {
    # $time_iso8601 is the server's local time
    if ($time_iso8601 !~ "T(08|09|10|11|12|13):") {
        return 403;  # outside the permitted hours
    }
    # ...
}</code></pre>
<p>14 <strong>HTTP request rate limiting:</strong> Limit the request rate to reduce server load.</p>
<pre><code># http context: the zone that limit_req refers to must be declared first
# (the key, zone size and rate here are example values)
limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;

location ~ \.php$ {
    limit_req zone=mylimit burst=5 nodelay;
    limit_req_status 403;
    # ...
}</code></pre>
<p>15 <strong>Use Nginx built-in variables:</strong> Combine Nginx built-in variables with conditional statements to forbid PHP access under specific conditions.</p>
<pre><code>location ~ \.php$ {
    if ($http_cookie ~* "adminuser=") {
        return 403;  # if the request carries a specific cookie
    }
    # ...
}</code></pre>
<p>Note that the methods above can be used on their own or in combination; the right choice depends on your security requirements and server configuration. Also test and debug the configuration properly to make sure your Nginx server behaves as expected.</p>
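<p>The closing note says the methods can be combined. As an added example (not part of the original article), the server block below layers methods 1, 2, 3, 4, 12 and 14; the zone name <code>php_zone</code>, the rate, the <code>/public/admin/</code> path, <code>server_name</code> and <code>root</code> are assumptions.</p>

```nginx
# Added example; php_zone, 5r/s, /public/admin/, server_name and root are assumed values.

# In the http {} context: one shared zone keyed by client address (method 14).
limit_req_zone $binary_remote_addr zone=php_zone:10m rate=5r/s;

server {
    listen 80;
    server_name example.com;
    root /var/www/example;

    # Method 2: PHP may run only below /public/. "^~" makes this prefix final,
    # so the server-level regex location at the bottom is not consulted here.
    location ^~ /public/ {
        # Declared once; nested locations that set no fastcgi_param inherit these.
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

        # Methods 3 and 4 together. Regex locations are tried in order, so the
        # stricter pattern comes first.
        location ~ ^/public/admin/.+\.php$ {
            satisfy any;            # a listed address OR a valid password is enough
            allow 192.168.1.1;
            deny all;
            auth_basic "Restricted";
            auth_basic_user_file /etc/nginx/.htpasswd;

            try_files $uri =404;    # never hand a nonexistent script to PHP-FPM
            fastcgi_pass unix:/var/run/php-fpm.sock;
        }

        location ~ \.php$ {
            # Method 12 without "if": GET (which implies HEAD) and POST only.
            limit_except GET POST { deny all; }

            limit_req zone=php_zone burst=5 nodelay;
            limit_req_status 429;   # keeps throttling distinct from 403 in logs

            try_files $uri =404;
            fastcgi_pass unix:/var/run/php-fpm.sock;
        }
    }

    # Method 1: every other .php request is refused.
    location ~ \.php$ {
        deny all;
    }
}
```

<p>With the default <code>satisfy all</code>, a client would need both a listed address and a valid password; <code>satisfy any</code> accepts either one.</p>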
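I think this post by the original poster makes a lot of sense. The forum's achievements are notable, but we must not become complacent because of them.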