Não consigo restringir o acesso ao diretório e subdiretórios no nginx

Navegue suas respostas
1

Você poderia me ajudar com meu arquivo de configuração do nginx? O problema: não posso restringir o acesso ao diretório, apenas para um arquivo.

Esta linha está funcionando: 

location ^~ /wp-admin/index.php {  (But only for one file)

Desta forma não funciona: 

location ^~ /wp-admin/.+\.php {

Eu também tentei isso: 

location ~ /(wp-admin) {

Por que?

Meu código: 

server {
    listen   80;
    server_name www.server.com;
    access_log /var/www/server.com_access.log;
    error_log /var/www/server.com_error.log;

    server_tokens off;

    set $webroot   '/var/www/server.com';
    set $indexfile 'index.php';

    root $webroot;

    #Static IMAGES files location
    location ~* ^.+\.(jpg|jpeg|gif|png)$
    {
        valid_referers none blocked server_names ~\.google\. images\.yandex\.ru ~\.yandex\. go\.mail\.ru ~\.mail\.ru ~\.bing\.com ~\.nigma\.ru ~\m\.womanews\.ru;
        if ($invalid_referer) {
            return 403;
        }

        try_files $uri @img_proxy;

        expires 30d;
        access_log off;
        break;
    }

    location @img_proxy {
      rewrite ^(.*)$ /noimg/?$1 redirect;
    }

    # Static files location
    location ~* ^.+\.(css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js|ico|swf)$
    {
        if (!-f $request_filename) {
            return 404;
        }

        expires 30d;
        access_log off;
        break;
    }

    # Main location
    location / {
      index  $indexfile index.html index.htm index.shtml;
      if (!-e $request_filename) {
        rewrite ^.+?(/.*\.php)$ $1 last;
        rewrite ^ /$indexfile last;
      }
    }

    location ~ ^/(forum/.*\.php|login/.*\.php|journal/.*\.php|phadmin/.*\.php|sys/.*\.php|wp-admin/.*\.php|perevodka/.*\.php|wp_adding_article\.php|wp_adding_photo\.php|wp_adding_article2\.php|wp_adding_photo_new\.php|wp_adding_photo2\.php|wp-login\.php|wp-register\.php|rss-news-process\.php|rambler-news\.php|yandex-news\.php|yal-news\.php)$ {
        fastcgi_no_cache 1;
        fastcgi_cache_bypass 1;

        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index $indexfile;
        fastcgi_param  SCRIPT_FILENAME  $webroot$fastcgi_script_name;
    }


    # Run php fast-cgi script   
    location ~ \.php$ {
        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index $indexfile;
        fastcgi_param  SCRIPT_FILENAME  $webroot$fastcgi_script_name;
        fastcgi_cache wholepage;
        fastcgi_cache_valid 200 301 302 304 5m;
        fastcgi_cache_key "$request_method|$http_if_modified_since|$http_if_none_match|$host|$request_uri";
        fastcgi_hide_header "Set-Cookie";
        fastcgi_ignore_headers "Cache-Control" "Expires";
    }

    location /goto/ {
        rewrite /goto/http\:/(.*) http://$1 permanent;
    }

    location ^~ /wp-admin/index.php {
        auth_basic            "Restricted";
        auth_basic_user_file  /etc/nginx/conf.d/.htpasswd/passwd;

        fastcgi_no_cache 1;
        fastcgi_cache_bypass 1;

        include /etc/nginx/fastcgi_params;
        fastcgi_pass  127.0.0.1:9000;
        fastcgi_index $indexfile;
        fastcgi_param SCRIPT_FILENAME $webroot$fastcgi_script_name;
    }

}
    
por SPnova 17.08.2013 / 18:22

0 respostas

Tags

Ddos atacam passando por iptables [duplicados] Forest Trust entre DCs de 2012 e 2008 FAIL: Acesso negado