Backend Development
PHP Tutorial
How to configure only allow access to index.php files in Nginx?
How to configure only allow access to index.php files in Nginx?
Apr 01, 2025 am 07:57 AM
Nginx security configuration: Only access to index.php files is allowed
This article describes how to configure Nginx, only allow access to index.php files, and deny access to all other files or specific PHP files. This enhances server security and prevents unauthorized access.
Scenarios and requirements
Assuming that there are multiple PHP files (such as index.php and test.php ) in the server directory, we need to make sure that only index.php is accessible and other PHP files and other resources are blocked.
Configuration plan
We will provide two configuration solutions to meet different needs:
Scheme 1: Only access to /index.php is allowed, all other requests are denied
This solution is the most stringent, and any other requests except /index.php will be denied. This is suitable for scenarios with extremely high safety requirements.
server {
listen 80;
server_name 192.168.16.86;
root /home/wwwroot/web;
include enable-php.conf;
location = /index.php {
# Process index.php request try_files $uri $uri/ /index.php?$query_string;
}
location / {
deny all;
}
# ... Other location blocks (such as static resource processing) can be retained or removed as needed...
}
Solution 2: Allow access to /index.php and static resources, and reject other PHP files
This solution allows access to static resources (such as pictures, CSS, JS, etc.), and only allows access to index.php , denying access to other PHP files. This is more common in practical applications.
server {
listen 80;
server_name 192.168.16.86;
root /home/wwwroot/web;
include enable-php.conf;
location / {
# Handle static resource request try_files $uri $uri/ =404;
}
location ~ \.php$ {
deny all;
}
location = /index.php {
# Process index.php request try_files $uri $uri/ /index.php?$query_string;
}
# ... Other location blocks (such as static resource cache) can be retained or adjusted as needed...
}
Configuration instructions:
-
location = /index.php: Exactly matches the/index.phppath and only handles requests to the file. -
location ~ \.php$: Use regular expressions to match all files ending in.php. -
deny all: All requests are rejected. -
try_files: Try to find a file or directory, and perform subsequent operations if it is not found.
Which option you choose depends on your specific security needs. Solution 1 is more secure, but the restrictions are stricter; Solution 2 is both security and functionality. Please select and adjust the configuration according to the actual situation. Be sure to test the configuration to make sure it meets your expectations. Remember, safe configuration needs to be cautious and it is recommended to test it in a test environment before applying it to the production environment.
The above is the detailed content of How to configure only allow access to index.php files in Nginx?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undress AI Tool
Undress images for free
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
What is Autoprefixer and how does it work?
Jul 02, 2025 am 01:15 AM
Autoprefixer is a tool that automatically adds vendor prefixes to CSS attributes based on the target browser scope. 1. It solves the problem of manually maintaining prefixes with errors; 2. Work through the PostCSS plug-in form, parse CSS, analyze attributes that need to be prefixed, and generate code according to configuration; 3. The usage steps include installing plug-ins, setting browserslist, and enabling them in the build process; 4. Notes include not manually adding prefixes, keeping configuration updates, prefixes not all attributes, and it is recommended to use them with the preprocessor.
How can you animate an SVG with CSS?
Jun 30, 2025 am 02:06 AM
AnimatingSVGwithCSSispossibleusingkeyframesforbasicanimationsandtransitionsforinteractiveeffects.1.Use@keyframestodefineanimationstagesforpropertieslikescale,opacity,andcolor.2.ApplytheanimationtoSVGelementssuchas,,orviaCSSclasses.3.Forhoverorstate-b
What is the conic-gradient() function?
Jul 01, 2025 am 01:16 AM
Theconic-gradient()functioninCSScreatescirculargradientsthatrotatecolorstopsaroundacentralpoint.1.Itisidealforpiecharts,progressindicators,colorwheels,anddecorativebackgrounds.2.Itworksbydefiningcolorstopsatspecificangles,optionallystartingfromadefin
CSS tutorial focusing on mobile-first design
Jul 02, 2025 am 12:52 AM
Mobile-firstCSSdesignrequiressettingtheviewportmetatag,usingrelativeunits,stylingfromsmallscreensup,optimizingtypographyandtouchtargets.First,addtocontrolscaling.Second,use%,em,orreminsteadofpixelsforflexiblelayouts.Third,writebasestylesformobile,the
CSS tutorial for creating loading spinners and animations
Jul 07, 2025 am 12:07 AM
There are three ways to create a CSS loading rotator: 1. Use the basic rotator of borders to achieve simple animation through HTML and CSS; 2. Use a custom rotator of multiple points to achieve the jump effect through different delay times; 3. Add a rotator in the button and switch classes through JavaScript to display the loading status. Each approach emphasizes the importance of design details such as color, size, accessibility and performance optimization to enhance the user experience.
What causes a 'Too many open files' error in Nginx?
Jul 05, 2025 am 12:14 AM
When Nginx experiences a "Toomyopenfiles" error, it is usually because the system or process has reached the file descriptor limit. Solutions include: 1. Increase the soft and hard limits of Linux system, set the relevant parameters of nginx or run users in /etc/security/limits.conf; 2. Adjust the worker_connections value of Nginx to adapt to expected traffic and ensure the overloaded configuration; 3. Increase the upper limit of system-level file descriptors fs.file-max, edit /etc/sysctl.conf and apply changes; 4. Optimize log and resource usage, and reduce unnecessary file handle usage, such as using open_l
What is feature detection in CSS using @supports?
Jul 02, 2025 am 01:14 AM
FeaturedetectioninCSSusing@supportschecksifabrowsersupportsaspecificfeaturebeforeapplyingrelatedstyles.1.ItusesconditionalCSSblocksbasedonproperty-valuepairs,suchas@supports(display:grid).2.Thismethodensuresfuturecompatibilityandavoidsrelianceonunrel
How to enable HTTP/2 or HTTP/3 support in Nginx?
Jul 02, 2025 am 12:36 AM
To enable Nginx's HTTP/2 or HTTP/3 support, the prerequisites must be met and configured correctly; HTTP/2 requires Nginx1.9.5, OpenSSL1.0.2 and HTTPS environment; add --with-http_v2_module module during configuration, modify the listening statement to listen443sslhttp2; and overload the service; HTTP/3 is based on QUIC, and third-party modules such as nginx-quic are required to introduce BoringSSL or OpenSSLQUIC branches during compilation, and configure UDP listening ports; common problems during deployment include ALPN not enabled, certificate incompatible, firewall restrictions and compilation errors, it is recommended to use priority
