我试图阻止除某些ip之外的所有人对www.mysite.net/uploads内所有文件的访问。我有php文件,文档,图像等,我希望整个目录uploads以及受ip限制的其他所有内容。我曾尝试设置两个位置,但都无法正常工作。我在做什么错了?
编辑:这是我的完整配置文件
server {
listen 80;
listen [::]:80;
server_name mysite.net www.mysite.net;
return 302 https://$server_name$request_uri;
}
server {
# SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
rewrite_log on;
server_name mysite.net www.mysite.net;
root /var/www/mysite.net/html;
index index.php index.html index.htm index.nginx-debian.html;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
location /api {
root /var/www/mysite.net/html/api;
rewrite ^/api/(.*)$ /$1 break;
try_files $uri $uri/ /api/index.php$is_args$args;
}
location ~ /api/.+\.php$ {
root /var/www/mysite.net/html/api;
rewrite ^/api/(.*)$ /$1 break;
#include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
}
location /uploads {
alias /var/www/mysite.net/html/uploads;
allow 1.2.3.4;
deny all;
}
location /uploads/* {
allow 1.2.3.4;
deny_all;
}
}
答案 0 :(得分:0)
更改配置后,您可能需要重新启动nginx
还请检查以下链接中提到的步骤
https://www.howtogeekpro.com/4/how-to-block-access-to-nginx-except-for-a-specific-ip-address/