nginx - php-fpm: access restrictions for some php pages

m.desantis nginx-forum at nginx.us
Thu Jan 31 11:22:35 UTC 2013


Hello,

I have a folder containing some PHP files served with php-fpm (fastcgi);
inside tihs folder, I have a file which I want to be allowed for internal
IPs and deny for external.

The problem I have is that with this configuration...

# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
  alias /some/path/;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
  #
  # # With php5-cgi alone:
  # fastcgi_pass 127.0.0.1:9000;
  # # With php5-fpm:
  fastcgi_pass unix:/var/run/php5-fpm.sock;
  fastcgi_index index.php;
  include fastcgi_params;
  # Changes due to the alias declaration
  fastcgi_param SCRIPT_FILENAME $document_root/$1;
  fastcgi_param SCRIPT_NAME /$1;
}

# PHP: phpinfo() access restrictions
location = /some/path/phpinfo.php {
  allow 10.0.0.0/24;
  deny all;
}

...access to /some/path/phpinfo.php is managed correctly but the fastcgi
rules are not applied (I download the phpinfo.php file); while with this
configuration...

# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
  alias /some/path/;
  fastcgi_split_path_info ^(.+\.php)(/.+)$;
  # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
  #
  # # With php5-cgi alone:
  # fastcgi_pass 127.0.0.1:9000;
  # # With php5-fpm:
  fastcgi_pass unix:/var/run/php5-fpm.sock;
  fastcgi_index index.php;
  include fastcgi_params;
  # Changes due to the alias declaration
  fastcgi_param SCRIPT_FILENAME $document_root/$1;
  fastcgi_param SCRIPT_NAME /$1;
}

# PHP: phpinfo() access restrictions
location ~ ^\/some\/path\/phpinfo\.php$ {
  allow 10.0.0.0/24;
  deny all;
}

.../some/path/phpinfo.php is interpreted correctly but access restrictions
are not applied.

How can I fix the configuration in order that /some/path/phpinfo.php gets
interpreted and access restrictions are applied?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,235769,235769#msg-235769



More information about the nginx mailing list