NGINX拒绝访问目录和内部文件,包括js / css

时间:2018-11-28 16:49:47

标签: nginx nginx-location

我想拒绝访问几个目录以及所有子目录和文件,包括JS / CSS文件。

我具有此配置,并且在大多数情况下都有效,但是它并不拒绝访问我拥有的.js文件。

server {
    listen          80;
    server_name     DOMAIN www.DOMAIN;
    root            /home/me/www/app;

    index           index.php index.html index.htm;
    autoindex       on;

    client_max_body_size    20m;    
    fastcgi_read_timeout    600;
    #Forbid access to these directories
    location ~ /(data|dev|py)/ {
            deny all;
            return 403;
    }
    #Force download on PDF files
    location ~* /(.*\.pdf) {
            types { application/octet-stream .pdf; }
            default_type  application/octet-stream;
    }

    location / {
            index           index.php index.html index.htm;
            try_files       $uri $uri/ /index.php?$args;
    }
    #API
    location /api/v1/ {
            index           index.php;
            try_files       $uri $uri/ /api/v1/index.php?$args;
    }
    #php support
    location ~ [^/]\.php(/|$) {

            include         /etc/nginx/conf.d/php_generic;

            fastcgi_param   DOCUMENT_ROOT   /home/me/www/site1;
            fastcgi_pass    unix:/var/run/php/php-fpm-me.sock;
    }

    error_page      404     /404.html;
    location = /40x.html {
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }

    error_log       /home/me/logs/error.log;
    access_log      /home/me/logs/access.log;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/DOMAIN/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/DOMAIN/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  }

有什么想法吗?

编辑/已解决

好吧,该网站位于CloudFlare的背后,因此,将头发拖了30分钟之后,链接不再可用,这告诉我,即使更改了nginx配置,CloudFlare还是已缓存并为其提供了服务。

0 个答案:

没有答案
相关问题
最新问题