我已经取消了上传目录的PHP执行权限,为什么PHP还是可以执行?
server{
listen 80;
server_name www.abc.com;
index index.html index.htm index.php default.html default.htm default.php;
root/home/wwwroot/abc;
include none.conf;
location ~ /(data|uploads|templets)/.*\.(php|php5)?$ {
deny all;
}
location ~ .*\.(php|php5)?$
{
try_files $uri =404;
fastcgi_passunix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log off;
}
按照:https://www.vpser.net/security/lnmp-remove-nginx-php-execute.html
修改的/usr/local/nginx/conf/vhost/abc.conf
取消了目录的PHP执行权限,为什么我传了个index.php
“<?php
echo "hello, world\n";
?>”
还是可以执行??
请教问题出在哪里?? 测试nginx配置/usr/local/nginx/sbin/nginx -t没问题
结果如下:nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
执行:/usr/local/nginx/sbin/nginx -s reload是配置生效也没问题
在完成这些操作之后我又重启了LNMP 配置上没问题
页:
[1]