问题描述:
新配置了一台服务器,nginx这次使用yum快速安装的,结果发现html页面可以正常响应,php页面直接显示"Access denied",查看nginx错误日志,内容如下
[error] 7931#7931: *6 FastCGI sent in stderr: "Access to the script '/xxxxxxxxx/xxxxxx' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 172.16.20.62, server: test.xxxxx.cn, request: "GET /info.php HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "10.60.0.199"
解决方案:
1.检查nginx配置中的php解析配置,确保有明确的root项目路径,并且路径可以被正常访问到;注意fastcgi_param一栏,默认值经常为
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
修改为
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
或者直接注释掉
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
#include fastcgi_params;
新增加一行(一定要确保与fastcgi_params同级目录下有fastcgi.conf文件)
include fastcgi.conf;
2.核验phpinfo是否能够正常运行起来
3.phpinfo正常后,发现项目又出现同类问题,排查后发现是关掉了cgi.fix_pathinfo配置,默认是注释掉的,对应的默认值是1,如果通过PATH_INFO进行rewrite操作的项目,可能会出现问题,如果方便调整,尽量将其关闭,减少不必要的安全隐患。
评论已关闭!