分类: BSD
2008-11-04 10:53:17
QUOTE:
ngx_http_access_module根据这个文档,比如我要限制private这个目录的访问,用如下规则
This module provides a simple host-based access control.
Module ngx_http_access_module makes it possible to control access for specific IP-addresses of clients. Rules are checked in the order of their record to the first match.
Example configuration
/ {
deny 192.168.1.1;
allow 192.168.1.0/24;
allow 10.1.1.0/16;
deny all;
}
In the above example access is only granted to networks 10.1.1.0/16 and 192.168.1.0/24 with the exception of the address 192.168.1.1.
When implementing many rules, it is generally better to use the ngx_http_geo_module.
QUOTE:
location在location中使用正则表达式去匹配的话,第一个匹配上的就不会再去匹配别的规则了,因此下面的那个匹配php文件的规则实际上被忽略了,因此php文件访问的时候就提示是打开还是保存了。
syntax: location [=|~|~*|^~] /uri/ { ... }
default: no
context: server
This directive allows different configurations depending on the URI. It can be configured using both conventional strings and regular expressions. To use regular expressions, you must use the prefix ~* for case insensitive match and ~ for case sensitive match.
To determine which location directive matches a particular query, the conventional strings are checked first. Conventional strings match the beginning portion of the query and are case-sensitive - the most specific match will be used (see below on how nginx determines this). Afterwards, regular expressions are checked in the order defined in the configuration file. The first regular expression to match the query will stop the search. If no regular expression matches are found, the result from the convention string search is used.
