Nginx 403 禁止位置和本地主机
Nginx 403 Forbidden for location and localhost
我的目标是使用 SSH 隧道访问特定位置(即 phpmyadmin)http://localhost/phpmyadmin
我刚刚用 Nginx 安装了 Ubuntu 20.04。以下配置适用于 Ubuntu 18.04.
我编辑了 /etc/nginx/sites-available/default 添加:
location /phpmyadmin {
#Allow localhost
allow 127.0.0.1;
#deny all the others ip
deny all;
}
当我访问 http://localhost/phpmyadmin 时收到错误消息:
403 Forbidden nginx/1.17.10 (Ubuntu)
只是为了测试,我已经删除了 "deny all;" 它工作正常的所有内容,但是每个 IP 地址都可以访问位置 phpmyadmin。
nginx 错误日志:
2020/05/05 23:52:13 [error] 21905#21905: *1 access forbidden by rule, client: ::1, server: _, request: "GET /phpmyadmin/ HTTP/1.1", host: "localhost"
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
}
location /phpmyadmin {
satisfy all;
allow 127.0.0.1;
deny all;
}
}
知道为什么此配置不再适用于 ubuntu 20.04 和 nginx 1.17.10 吗?
您也需要允许 ::1...
并在位置块内添加 php 的参数。
这样试试
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
}
location ^~ /phpmyadmin/ {
allow 127.0.0.1;
allow ::1;
deny all;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
}
我的目标是使用 SSH 隧道访问特定位置(即 phpmyadmin)http://localhost/phpmyadmin
我刚刚用 Nginx 安装了 Ubuntu 20.04。以下配置适用于 Ubuntu 18.04.
我编辑了 /etc/nginx/sites-available/default 添加:
location /phpmyadmin {
#Allow localhost
allow 127.0.0.1;
#deny all the others ip
deny all;
}
当我访问 http://localhost/phpmyadmin 时收到错误消息:
403 Forbidden nginx/1.17.10 (Ubuntu)
只是为了测试,我已经删除了 "deny all;" 它工作正常的所有内容,但是每个 IP 地址都可以访问位置 phpmyadmin。
nginx 错误日志:
2020/05/05 23:52:13 [error] 21905#21905: *1 access forbidden by rule, client: ::1, server: _, request: "GET /phpmyadmin/ HTTP/1.1", host: "localhost"
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
}
location /phpmyadmin {
satisfy all;
allow 127.0.0.1;
deny all;
}
}
知道为什么此配置不再适用于 ubuntu 20.04 和 nginx 1.17.10 吗?
您也需要允许 ::1... 并在位置块内添加 php 的参数。
这样试试
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
# With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
}
location ^~ /phpmyadmin/ {
allow 127.0.0.1;
allow ::1;
deny all;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
}