nginx server configuration returns php code

2019-02-19 09:53发布

问题:

I have a nginx server and all seems to work finde but when I add a auth for a directory the server returns the php code as download.

server {
listen 80 default_server;
listen [::]:80 default_server;

listen 443 ssl;

root /var/www/html;
index index.php index.html index.htm;

server_name _;

location ^~ /auth/ {
    try_files $uri $uri/ =404;
    auth_basic "Auth";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

location / {
    try_files $uri $uri/ =404;
}

location ~ /\. {
    deny  all;
}

location ~ \.php$ {
    include snippets/fastcgi-php.conf;
    fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}

location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|store) {
    deny all;
    return 403;
}

location ~* \.(gif|jpe?g|png|css)$ {
    expires   30d;
}

add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;

add_header Strict-Transport-Security 'max-age=31536000; preload';
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://ssl.google-analytics.com https://assets.zendesk.com https://connect.facebook.net; img-src 'self' https://ssl.google-analytics.com https://s-static.ak.facebook.com https://assets.zendesk.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://assets.zendesk.com; font-src 'self' https://themes.googleusercontent.com; frame-src https://assets.zendesk.com https://www.facebook.com https://s-static.ak.facebook.com https://tautt.zendesk.com; object-src 'none'";

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8 valid=300s;
resolver_timeout 10s;

location ~ /\.ht {
    deny all;
}
}

Without the location ^~ /auth/ everything is okay. I have experienced this in different browsers.

回答1:

nginx processes a request by choosing a location. The new location does not contain the necessary code to execute PHP. You should add a nested location block to process PHP within the /auth/ directory.

location ^~ /auth/ {
    try_files $uri $uri/ =404;
    auth_basic "Auth";
    auth_basic_user_file /etc/nginx/.htpasswd;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
}
...
location ~ \.php$ { ... }