我嘗試在https://www.example.de/wp-admin.php和 /wp-login.php 上創建密碼,但它不起作用并跳過身份驗證部分。
我的配置:
server {
set $forward_scheme https;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.de;
# Exploit prevention
# Error Pages
# Assets
include /etc/nginx/conf.d/exploit.conf;
include /etc/nginx/conf.d/err.conf;
#include /etc/nginx/conf.d/assets.conf;
location ^~ / {
include /etc/nginx/conf.d/proxy.conf;
proxy_pass https://10.10.10.6;
client_max_body_size 100M;
sendfile on;
}
# HTTP aut wp-login & wp-admin areas
location ~* /(wp-login\.php) {
auth_basic "Authorization Required";
auth_basic_user_file /etc/nginx/.htpasswd;
deny all;
allow 127.0.0.1;
satisfy all;
}
location ~* /wp-admin/.*\.php$ {
auth_basic "Authorization Required";
auth_basic_user_file /etc/nginx/.htpasswd;
deny all;
allow 127.0.0.1;
satisfy all;
}
# Logging
access_log /var/log/nginx/alllectra.access.log;
error_log /var/log/nginx/alllectra.error.log;
}
隨意讓它變得比我更好。
?謝謝!
uj5u.com熱心網友回復:
此解決方案由@TexosAC編輯,歸@user973254 所有
似乎是您所在位置的順序不正確,試試這個(也是小修復):
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.de;
set $forward_scheme https;
# Logging
access_log /var/log/nginx/alllectra.access.log;
error_log /var/log/nginx/alllectra.error.log;
# Exploit prevention
# Error Pages
# Assets
include /etc/nginx/conf.d/exploit.conf;
include /etc/nginx/conf.d/err.conf;
#include /etc/nginx/conf.d/assets.conf;
# HTTP aut wp-login & wp-admin areas
location ~ ^/(wp-admin|wp-login\.php) {
satisfy any;
deny all;
allow 127.0.0.1;
auth_basic "Authorization Required";
auth_basic_user_file /etc/nginx/.htpasswd;
include /etc/nginx/conf.d/proxy.conf;
proxy_pass https://10.10.10.6;
client_max_body_size 100M;
sendfile on;
}
location / {
include /etc/nginx/conf.d/proxy.conf;
proxy_pass https://10.10.10.6;
client_max_body_size 100M;
sendfile on;
}
}
uj5u.com熱心網友回復:
似乎是您的位置順序不正確,試試這個(也是小修復):
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.de;
set $forward_scheme https;
# Logging
access_log /var/log/nginx/alllectra.access.log;
error_log /var/log/nginx/alllectra.error.log;
# Exploit prevention
# Error Pages
# Assets
include /etc/nginx/conf.d/exploit.conf;
include /etc/nginx/conf.d/err.conf;
#include /etc/nginx/conf.d/assets.conf;
# HTTP aut wp-login & wp-admin areas
location ~ ^/(wp-admin|wp-login\.php) {
satisfy any;
deny all;
allow 127.0.0.1;
auth_basic "Authorization Required";
auth_basic_user_file /etc/nginx/.htpasswd;
}
location / {
include /etc/nginx/conf.d/proxy.conf;
proxy_pass https://10.10.10.6;
client_max_body_size 100M;
sendfile on;
}
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/gongcheng/461680.html
上一篇:Nginx:將請求分派到多個端點
