web项目中一些配置文件比如ini文件,cfg文件,或者静态的模板dwt、lbi文件等,需要设置禁止访问,不然可以直接在browser上下载。
- location ~* \.(ini|cfg|dwt|lbi)$ {
- deny all;
- }
贴:测服代码
server
{
listen 8001;
server_name 111.40.8xx7.1xxx;
root /usr/local/data/dddcc/wealth_app/pc;
index index.php index.html index.htm;
try_files $uri $uri/ @rewrite;
location @rewrite {
rewrite ^/(.*)$ /index.php?_url=/$1;
}
location ~ "(html)" {
break;
}
location ~ "\.(js|ico|gif|jpg|png|css|swf|txt|xml|eot|woff|ttf)$" {
expires 1w;
}
location / {
fastcgi_ignore_client_abort on;
fastcgi_pass unix:/dev/shm/php.socket;
fastcgi_index index.php;
include fcgi.conf;
index index.php;
if (!-e $request_filename) {
rewrite ^(.*)$ /index.php?s=$1 last;
break;
}
}
access_log /usr/local/nginx/logs/wealth_pc.log wealth_pc;
}