0

I am writing some PHP CMS code with a clean url implementation in Nginx. To improve security of my code I want to rewrite all of the requests in my root directory / using the following type:

rewrite ^(.*)$ /index.php?q=$1 last;

With this kind of rewrite the rest of the php scripts will not be accessible from the user's side (they will be only, if included in php, am I right?). However, I do not want to rewrite the request in one location (for mi that will me /static/), because I will be serving only static content such as images and css from that location. How can I make this rewrite not work in certain locations?

jmq
  • 127
  • 1
  • 2
  • 8
DeckTone
  • 11
  • 2

1 Answers1

1

Understanding and using the location directive should solve your problem. When location is followed only by a prefix string (i.e. without modifiers such as '=', or '~*'), the longest prefix string is matched first. For example: 

server {
    server_name example.org;
    root /var/www/site;

    location / {
        # Configuration A
    }

    location /static {
        # Configuration B
    }

In this configuration, the URL example.org/static/foo.gif would match Configuration B because the prefix string /static is longer than /. Meanwhile, example.org/index.php?q=bar would match Configuration A because that is the only match.

You could then have Configuration A serve up content with PHP, while Configuration B serves static content.

Also, I would highly recommend reading through the Nginx Pitfalls page, if you haven't already. It addresses some issues that are highly relevant in your situation, such as taxing rewrites, using fastcgi_pass safely, and so forth.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972
billyw
  • 1,572
  • 15
  • 26
  • So rewrite conditions used in / will not work in /static ? – DeckTone May 22 '14 at 16:43
  • In this configuration, yes. Any given URL will match only one location. There is a lot more to the location directive than I've presented. For a full explanation of its matching algorithm, read the following: http://nginx.org/en/docs/http/ngx_http_core_module.html#location – billyw May 22 '14 at 17:04
  • and am I wright with that, with rewrite ^(.*)$ /index.php?q=$1 last; rewrite any files (excluding index.php) will not be accesible? And will then they work, when I will include them in PHP? – DeckTone May 22 '14 at 17:27
  • It depends on your complete server configuration, and how PHP FastCGI is configured. – Tero Kilkanen May 22 '14 at 23:56