Hello,
I have a folder containing some PHP files served with php-fpm (fastcgi); inside tihs folder, I have a file which I want to be allowed for internal IPs and deny for external.
The problem I have is that with this configuration...
# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
alias /some/path/;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Changes due to the alias declaration
fastcgi_param SCRIPT_FILENAME $document_root/$1;
fastcgi_param SCRIPT_NAME /$1;
}
# PHP: phpinfo() access restrictions
location = /some/path/phpinfo.php {
allow 10.0.0.0/24;
deny all;
}
...access to /some/path/phpinfo.php is managed correctly but the fastcgi rules are not applied (I download the phpinfo.php file); while with this configuration...
# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
alias /some/path/;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Changes due to the alias declaration
fastcgi_param SCRIPT_FILENAME $document_root/$1;
fastcgi_param SCRIPT_NAME /$1;
}
# PHP: phpinfo() access restrictions
location ~ ^\/some\/path\/phpinfo\.php$ {
allow 10.0.0.0/24;
deny all;
}
.../some/path/phpinfo.php is interpreted correctly but access restrictions are not applied.
How can I fix the configuration in order that /some/path/phpinfo.php gets interpreted and access restrictions are applied?
I have a folder containing some PHP files served with php-fpm (fastcgi); inside tihs folder, I have a file which I want to be allowed for internal IPs and deny for external.
The problem I have is that with this configuration...
# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
alias /some/path/;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Changes due to the alias declaration
fastcgi_param SCRIPT_FILENAME $document_root/$1;
fastcgi_param SCRIPT_NAME /$1;
}
# PHP: phpinfo() access restrictions
location = /some/path/phpinfo.php {
allow 10.0.0.0/24;
deny all;
}
...access to /some/path/phpinfo.php is managed correctly but the fastcgi rules are not applied (I download the phpinfo.php file); while with this configuration...
# PHP
location ~ ^\/some\/path\/(.*\.php)$ {
alias /some/path/;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Changes due to the alias declaration
fastcgi_param SCRIPT_FILENAME $document_root/$1;
fastcgi_param SCRIPT_NAME /$1;
}
# PHP: phpinfo() access restrictions
location ~ ^\/some\/path\/phpinfo\.php$ {
allow 10.0.0.0/24;
deny all;
}
.../some/path/phpinfo.php is interpreted correctly but access restrictions are not applied.
How can I fix the configuration in order that /some/path/phpinfo.php gets interpreted and access restrictions are applied?