Symfony2 Nginx auth_basic配置不会打开Web资源

时间:2016-04-20 13:27:25

标签: php symfony authentication nginx

我正在使用Symfony2,Nginx开发一个项目。

项目位于我的子域名,如developing_site.mysite.com。

我想在不进行身份验证的情况下限制对此子域的访问。不仅是开发和配置文件,还有生产。

所以我在symfony官方网站推荐的nginx配置中的location/扇区中添加了auth_basic组件到nginx配置文件。 因此,在页面加载服务器请求身份验证之前,加载除/web目录中的任何文件存储之外的所有内容,如images,js,css等。因此,所有内容都由.php处理,但没有任何样式和动态功能。

那我怎么解决这个问题呢?我做错了什么?

Nginx配置如下所示:

server {

listen {MyServerIp};
server_name developing_site.mysite.com;

root /var/www/developing_site/web;
index index.php index.html index.htm;

location / {
    try_files $uri /app.php$is_args$args;
    auth_basic "Restricted Content";
    auth_basic_user_file var/www/developing_site/.lock/.htpasswd;
}

# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
}

error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}

1 个答案:

答案 0 :(得分:0)

我自己解决了这个问题..

两个错误:

  1. 句法错误
  2. auth_basic阻止
    3. 的错误位置

    语法错误在var/www/developing_site/.lock/.htpasswd;。我使用相对链接而不是绝对链接。正确的表格是/var/www/developing_site/.lock/.htpasswd;(对不起......)

    当我在auth_basic中放置location/阻止时,我只将身份验证设置为实际处理所有/个请求的/web位置...(/ web因为第一次错误而未处理请求...)

    主要的symfony请求由nginx配置文件中的location ~ ^/(app_dev|config)\.php(/|$)块处理。

    解决方案:要在不进行身份验证的情况下限制对developers_site.mysite.com的任何文件的任何请求,auth_basic阻止应放在任何location阻止之前。

    所以正确的nginx配置应如下所示:

    server {

listen MyServerIp;
server_name developing_site.mysite.com;

auth_basic "Unauthorized";
auth_basic_user_file /var/www/.lock/.htpasswd;

root /var/www/developing_site/web;
index index.php index.html index.htm;

location / {
    try_files $uri /app.php$is_args$args;
}

# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
}

error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
相关问题
最新问题