如何配置nginx以允许我的/test_file.php/?param1=test之间的斜杠?目前只允许/test_file.php?param1=test ...
这是我目前的配置:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
# rewrite ^/(.php*)/$ /$1 permanent;
root /var/www/example.com;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
网址正常工作(不受欢迎):https://example.com/workouts.php?workout=206 我想要的网址:https://example.com/workouts.php/?workout=206
答案 0 :(得分:1)
块:
location ~ \.php$ { ... }
负责处理以.php结尾的任何URI。
一个简单的解决方案是将正则表达式更改为接受包含pathinfo的URI。但是,您还应该在块中进行其他更改以减轻已知漏洞。有关详细信息,请参阅this document。
例如:
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}