linux上nginx防止.htaccess被下载-天狐博客

今天阿里云盾提示我"系统配置泄露"查看发现.htaccess可以直接下载

默认情况下nginx的vhost配置是没禁止.htaccess文件访问的,所以通过url也可以当作一个文件访问到

禁止方法很简单

vi /nginx/conf/vhost/skyfox.org.conf

增加以下代码即可

location ~ ^.*\.(htaccess|htpasswd|ini|php|sh)$ {
　　deny all;
}

location ~ ^.*\.(htaccess|htpasswd|ini|php|sh)$ {

　　deny all;

}

server {
        listen       80;
        server_name skyfox.org skyfox.org www.skyfox.org;
        root /mnt/wwwroot/skyfox_org/;
        index  index.html index.php index.htm;
     
        location ~ \.php$ {
                proxy_pass http://127.0.0.1:88;
                include naproxy.conf;
        }
        location / {
                try_files $uri @apache;
        }
        location @apache {
                 proxy_pass http://127.0.0.1:88;
                 include naproxy.conf;
        }
        location ~ ^.*\.(htaccess|htpasswd|ini|php|sh)$ {
　　            deny all;
        }
}

server {

listen 80;

server_name skyfox.org skyfox.org www.skyfox.org;

root /mnt/wwwroot/skyfox_org/;

index index.html index.php index.htm;

location ~ \.php$ {

proxy_pass http://127.0.0.1:88;

include naproxy.conf;

}

location / {

try_files $uri @apache;

}

location @apache {

proxy_pass http://127.0.0.1:88;

include naproxy.conf;

}

location ~ ^.*\.(htaccess|htpasswd|ini|php|sh)$ {

　　 deny all;

}

转载请注明：天狐博客 » linux上nginx防止.htaccess被下载

linux上nginx防止.htaccess被下载

与本文相关的文章

Hi，您需要填写昵称和邮箱！