【问题标题】:Symfony2 Nginx auth_basic config don't open web assestsSymfony2 Nginx auth_basic 配置不打开网络资产
【发布时间】:2016-04-20 13:27:25
【问题描述】:

我正在使用 Symfony2、Nginx 开发一个项目。

项目位于我的子域中,例如 Developing_site.mysite.com。

我想限制对该子域的访问而无需身份验证。不仅适用于开发和配置文件,还适用于生产环境。

所以我在 symfony 官方网站推荐的 nginx 配置中 location/ 扇区的 nginx 配置文件中添加了 auth_basic 组件。 因此,在页面加载之前,服务器会询问身份验证并加载除/web 目录中存储的任何文件(如图像、js、css 等)之外的所有内容。因此,所有内容都由 .php 处理,但没有任何样式和动态功能。

那么我该如何解决这个问题呢?我做错了什么?

Nginx 配置如下:

server {

listen {MyServerIp};
server_name developing_site.mysite.com;

root /var/www/developing_site/web;
index index.php index.html index.htm;

location / {
    try_files $uri /app.php$is_args$args;
    auth_basic "Restricted Content";
    auth_basic_user_file var/www/developing_site/.lock/.htpasswd;
}

# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
}

error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}

【问题讨论】:

  • 您正在混合 DEV 和 PROD 环境,逻辑上您不能在同一个文件夹中有 2 个环境。尝试删除整个#DEV 配置块并重新加载 nginx

标签: php symfony authentication nginx


【解决方案1】:

我自己解决了这个问题..

两个错误:

  1. 语法错误
  2. auth_basic 块的位置不正确

语法错误在var/www/developing_site/.lock/.htpasswd;。我使用相对链接而不是绝对链接。正确的形式是/var/www/developing_site/.lock/.htpasswd;(对不起……)

当我将auth_basic 块放在location/ 中时,我将身份验证设置为仅/ 位置,实际上处理所有/web 请求...(/web 请求未处理,因为 1 -st 错误...)

主要的 symfony 请求由 nginx 配置文件中的 location ~ ^/(app_dev|config)\.php(/|$) 块处理。

解决方案:要限制对 Developing_site.mysite.com 任何文件的任何请求,无需身份验证,auth_basic 块应放在任何 location 块之前。

所以正确的 nginx 配置应该是这样的:

server {

listen MyServerIp;
server_name developing_site.mysite.com;

auth_basic "Unauthorized";
auth_basic_user_file /var/www/.lock/.htpasswd;

root /var/www/developing_site/web;
index index.php index.html index.htm;

location / {
    try_files $uri /app.php$is_args$args;
}

# DEV
# This rule should only be placed on your development environment
# In production, don't include this and don't deploy app_dev.php or config.php
location ~ ^/(app_dev|config)\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
}
# PROD
location ~ ^/app\.php(/|$) {
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param  SCRIPT_FILENAME  $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
}

error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}

【讨论】:

    猜你喜欢
    • 2011-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    • 1970-01-01
    相关资源
    最近更新 更多