Nginx“”try_files“指令中的参数数量无效...”用于PHP安全性

时间:2013-06-27 17:27:24

标签: nginx

我正在尝试使用debian风格的目录结构从我的共享主机的用户文件夹中的源代码运行Nginx。我尝试启动服务器时遇到错误:

[emerg] invalid number of arguments in "try_files" directive in /home/.../nginx/conf/sites-enabled/default:11

引用的行是来自Nginx陷阱页面的PHP执行保护。这是我的配置文件:

nginx.conf:

worker_processes 1;

events {
    worker_connections 1024;
}

http {

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    client_max_body_size 5m;

    include /home/hittingsmoke/nginx/conf/mime.types;
    default_type application/octet-stream;

    gzip on;
    gzip_disable \"msie6\";

    include /home/hittingsmoke/nginx/conf/sites-enabled/*;
}

...和sites-available / default:

server {
    listen       12513;

    root /home/hittingsmoke/nginx/html/;
    index index.php index.html index.htm;

    server_name _;

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/home/hittingsmoke/php-5.3/var/run/php5-fpm.sock;
        fastcgi_param   SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_index index.php;
        include fastcgi_params;
    }
    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   html;
    }

}

我的配置找不到任何问题。我的设置几乎与我正在运行的Ubuntu盒上的工作安装相同。我做错了什么?

编辑:经过进一步测试,只有当我在nginx.conf中使用包含include的站点可用设置时才会发生这种情况。如果我将我的sites-available / default的内容复制/粘贴到我的nginx.conf中,一切正常。

EDIT2:如上所述,如果我从vhosts文件中删除了try_files,它会再次失败并在fastcgi_params上出现相同的错误。这是我的fastcgi_params文件的内容。这都是默认值:

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;
编辑3:我犯了一个小错误。它是fastcgi_param,而不是fastcgi_param * s *,其中错误在删除try_files指令后继续。

2 个答案:

答案 0 :(得分:15)

Nginx试图解释try_files指令至少需要两条路径:

    try_files /path1$uri /path2$uri ...

使用/dev/null作为一种简单的解决方法:

    try_files $uri /dev/null =404;

或允许更多自定义的命名位置:

    try_files $uri @error
    ...
    location @error {
        ...
    }

答案 1 :(得分:2)

不确定这是否是您的问题,但我在PHP位置块之外有我的try_files:

location / {
    try_files $uri $uri/ =404;
}

location ~ \.php$ {
    ....
}