我有Ubuntu 14.04,Nginx 1.6.2,PHP 5.5.23-1 + deb.sury.org~trusty + 2和fastcgi VPS。我用Easy Engine设置我的WordPress网站。我想启用密码保护我的所有WordPress网站“wp-login.php”以及“wp-admin”区域。为了测试此过程,我已将以下代码添加到启用站点的目录(/etc/nginx/sites-enabled)站点文件(mysite.com)。
location ^~ /wp-login.php {
auth_basic "Restricted Area:WordPress";
auth_basic_user_file /var/www/.htpasswd;
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
}
我的VPS php-FPM使用fastcgi_pass 127.0.0.1:9000;,所以我在上面的代码中使用它。
然后我创建了.htpasswd文件并上传到/var/www目录并将权限设置为rw-r-----。
然后我用服务php5-fpm reload&&重新启动了php和nginx。 service nginx reload命令。现在当我尝试访问/wp-login.php时没有任何改变。它就像常规登录页面一样,不会提升任何密码弹出窗口。我看不到任何错误或警告。
由于上面的/wp-login.php文件密码保护不起作用,我在/ wp-admin /文件夹中添加了密码保护,然后才能正常工作。这是我的新nginx站点启用配置文件。
server {
server_name mysite.com www.mysite.com;
access_log /var/log/nginx/mysite.com.access.log rt_cache;
error_log /var/log/nginx/mysite.com.error.log;
root /var/www/mysite.com/htdocs;
index index.php index.html index.htm;
include common/w3tc.conf;
include common/wpcommon.conf;
include common/locations.conf;
include common/pagespeed.conf;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /wp-admin/admin-ajax.php {
allow all;
}
location /wp-admin {
location ~ /wp-admin/admin-ajax.php$ {
# Php handler
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_read_timeout 300;
include fastcgi_params;
}
location ~* /wp-admin/.*\.php$ {
auth_basic "Restricted Area:WordPress";
auth_basic_user_file /var/www/.htpasswd;
# Php handler
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_read_timeout 300;
include fastcgi_params;
}
}
}
有人可以告诉我如何解决这个问题?
答案 0 :(得分:1)
问题是wpcommon.conf中已经声明了/wp-login.php
所以,将/etc/nginx/common/wpcommon.conf复制到/var/www/example.com/my-wpcommon.conf
编辑此块
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include fastcgi_params;
fastcgi_pass php;
}
到
location = /wp-login.php {
limit_req zone=one burst=1 nodelay;
include fastcgi_params;
fastcgi_pass php;
satisfy any;
allow 127.0.0.1;
deny all;
auth_basic "Authorization Required";
auth_basic_user_file /var/www/.htpasswd;
}
然后在/etc/nginx/sites-available/example.com上编辑您的网站nginx配置,替换
include common/wpcommon.conf;
到
include /var/www/example.com/my-wpcommon.conf;
重新启动nginx。
但是,每次更新EasyEngine时,请检查/etc/nginx/common/wpcommon.conf,以便进行新配置,以便my-wpcommon.conf仍然可以更新。
答案 1 :(得分:0)
由于您使用的是fastcgi,因此需要在PHP文件的位置块中包含fastcgi处理。
location ^~ /wp-login\.php$ {
auth_basic "Restricted Area:WordPress";
auth_basic_user_file /var/www/.htpasswd;
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_read_timeout 300;
include fastcgi_params;
}