无法在 nginx 上读取 Bolt CMS sitemap.xml
Can't read Bolt CMS sitemap.xml on nginx
我有一个安装了站点地图扩展的 Bolt 站点。转到 example.com/sitemap 会产生预期的输出,但会从 nginx 转到 example.com/sitemap.xml returns a 403。我感觉我的 nginx 服务器块有些不对劲,但我不确定是什么。我知道我曾经在 PDF 文件上收到同样的错误,直到我明确地将 pdf 添加到 "enforce caching" 部分。
如果 nginx 不首先确定它是一个虚假请求,我如何才能到达 Bolt 路由 /sitemap.xml?
我的服务器配置文件如下。已更改名称以保护无辜者。
server {
listen 80;
server_name example.com *.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.com *.example.com;
ssl_certificate /home/example/keys/example.crt;
ssl_certificate_key /home/example/keys/example.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param PHP_VALUE "auto_prepend_file=/srv/http/xhgui.example.com/external/header.php";
}
root /srv/http/example/web;
index index.php;
# The main Bolt website
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# Generated thumbnail images
location ~* /thumbs/(.*)$ {
try_files $uri $uri/ /index.php?$query_string;
}
# Bolt backend access
#
# NOTE: If you set a custom branding path, you will need to change '/bolt/'
# here to match
location ~* /admin/(.*)$ {
try_files $uri $uri/ /index.php?$query_string;
}
# Enforce caching for certain file extension types
location ~* \.(?:ico|css|js|gif|jpe?g|pdf|png|ttf|woff|woff2)$ {
access_log off;
expires 30d;
add_header Pragma public;
add_header Cache-Control "public, mustrevalidate, proxy-revalidate";
}
# Don't create logs for favicon.ico or robots.txt requests
location = /(?:favicon.ico|robots.txt) {
access_log off;
log_not_found off;
}
# Block PHP files from being run in upload (files), app, theme and extension directories
location ~* /(?:app|extensions|files|theme)/(.*)\.php$ {
deny all;
}
# Block hidden files
location ~ \. {
deny all;
}
# Block access to Sqlite database files
location ~ \.(?:db)$ {
deny all;
}
# Block access to the app, cache & vendor directories
location ~ /(?:app|src|tests|vendor) {
deny all;
}
# Block access to Markdown, Twig & YAML files directly
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml)$ {
deny all;
}
}
令我惊讶的是,区块
# Block hidden files
location ~ \. {
deny all;
}
似乎适用于一切,而不仅仅是以点开头的文件。通过将其更改为
来修复
# Block hidden files
location ~ /\. {
deny all;
}
我有一个安装了站点地图扩展的 Bolt 站点。转到 example.com/sitemap 会产生预期的输出,但会从 nginx 转到 example.com/sitemap.xml returns a 403。我感觉我的 nginx 服务器块有些不对劲,但我不确定是什么。我知道我曾经在 PDF 文件上收到同样的错误,直到我明确地将 pdf 添加到 "enforce caching" 部分。
如果 nginx 不首先确定它是一个虚假请求,我如何才能到达 Bolt 路由 /sitemap.xml?
我的服务器配置文件如下。已更改名称以保护无辜者。
server {
listen 80;
server_name example.com *.example.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.com *.example.com;
ssl_certificate /home/example/keys/example.crt;
ssl_certificate_key /home/example/keys/example.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param PHP_VALUE "auto_prepend_file=/srv/http/xhgui.example.com/external/header.php";
}
root /srv/http/example/web;
index index.php;
# The main Bolt website
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# Generated thumbnail images
location ~* /thumbs/(.*)$ {
try_files $uri $uri/ /index.php?$query_string;
}
# Bolt backend access
#
# NOTE: If you set a custom branding path, you will need to change '/bolt/'
# here to match
location ~* /admin/(.*)$ {
try_files $uri $uri/ /index.php?$query_string;
}
# Enforce caching for certain file extension types
location ~* \.(?:ico|css|js|gif|jpe?g|pdf|png|ttf|woff|woff2)$ {
access_log off;
expires 30d;
add_header Pragma public;
add_header Cache-Control "public, mustrevalidate, proxy-revalidate";
}
# Don't create logs for favicon.ico or robots.txt requests
location = /(?:favicon.ico|robots.txt) {
access_log off;
log_not_found off;
}
# Block PHP files from being run in upload (files), app, theme and extension directories
location ~* /(?:app|extensions|files|theme)/(.*)\.php$ {
deny all;
}
# Block hidden files
location ~ \. {
deny all;
}
# Block access to Sqlite database files
location ~ \.(?:db)$ {
deny all;
}
# Block access to the app, cache & vendor directories
location ~ /(?:app|src|tests|vendor) {
deny all;
}
# Block access to Markdown, Twig & YAML files directly
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml)$ {
deny all;
}
}
令我惊讶的是,区块
# Block hidden files
location ~ \. {
deny all;
}
似乎适用于一切,而不仅仅是以点开头的文件。通过将其更改为
来修复# Block hidden files
location ~ /\. {
deny all;
}