Nginx anti-theft chain and Nginx access control with Nginx parsing PHP configuration

This article mainly introduces the detailed Nginx anti-theft chain and Nginx access control and Nginx parsing PHP configuration of the relevant information, here to provide examples to help everyone, learn to understand this part of the content, the need for friends can refer to the next

Detailed Nginx anti-theft chain and Nginx access control and Nginx parsing PHP configuration

Nginx Anti-theft chain

The configuration is as follows and can be combined with the above configuration.

Location ~* ^.+\. (Gif|jpg|png|swf|flv|rar|zip|doc|pdf|gz|bz2|jpeg|bmp|xls) ${  expires 7d;  Valid_referers none blocked Server_names *.test.com;  if ($invalid _referer) {    return 403;  }  Access_log off;}

Nginx access Control

Requirement: Access to the/admin/directory request, only a few IP access allowed.

The configuration is as follows:

location/admin/{allow  192.168.133.1;  Allow 127.0.0.1;  Deny all;}

Create a Test

Mkdir/data/wwwroot/test.com/admin/echo "Test,test" >/data/wwwroot/test.com/admin/1.html

Detect reboot

/usr/local/nginx/bin/nginx-t &&-S Reload

Test

curl-x127.0.0.1:80 test.com/admin/1.html-i curl-x192.168.133.130:80 Test.com/admin/1.html-i

Nginx access Control

The configuration is as follows:

  Location ~. * (abc|image)/.*\.php${    deny all;}

Restrictions according to User_agent

if ($http _user_agent ~ ' spider/3.0| Youdaobot| Tomato ') {   return 403;}

Deny all is the same as the return 403 effect

Nginx Parsing PHP Configuration

The configuration is as follows:

Location ~ \.php$  {    include fastcgi_params;    Fastcgi_pass Unix:/tmp/php-fcgi.sock;    Fastcgi_index index.php;    Fastcgi_param script_filename/data/wwwroot/test.com$fastcgi_script_name;  }

Fastcgi_pass used to specify the address or socket of the PHP-FPM listener