Да, вы правы, локация не в том порядке, вот что получилось, но как выяснилось, по частям не вариант, получилось уже приличное количество исключений, для отдачи 403 location ~* ^.+\.(xml|ini|bin|sql|log)$ { deny all; return 403; } server { listen 192.168.0.147:443; server_name site.com; root /home/admin/web/site.com/public_html; index index.php index.html index.htm; access_log /var/log/nginx/domains/site.com.log combined; access_log /var/log/nginx/domains/site.com.bytes bytes; error_log /var/log/nginx/domains/site.com.error.log error;
ssl on; ssl_certificate /home/admin/conf/web/ssl.site.com.pem; ssl_certificate_key /home/admin/conf/web/ssl.site.com.key; location / { root /home/admin/web/site.com/public_html; location ~ ^/[A-Z][A-Za-z]*. { if (!-e $request_filename) { #rewrite ^/(.*)$ /core/Load.php?q=$1 last; Не работает Inclede с относительным путем rewrite ^/(.*)$ /index2.php?q=$1 last; } } location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ { expires max; } location ~ [^/]\.php(/|$) { fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include /etc/nginx/fastcgi_params; } location ~* ^.+\.(xml|ini|bin|sql|log)$ { deny all; return 403; } } #error_page 403 /error/404.html; #error_page 404 /error/404.html; error_page 500 502 503 504 /error/50x.html; location /error/ { alias /home/admin/web/site.com/document_errors/; } location ~* "/\.(htaccess|htpasswd)$" { deny all; return 404; } include /etc/nginx/conf.d/phpmyadmin.inc*; include /etc/nginx/conf.d/phppgadmin.inc*; include /etc/nginx/conf.d/webmail.inc*; include /home/admin/conf/web/snginx.site.com.conf*; } Posted at Nginx Forum: https://forum.nginx.org/read.php?21,272923,272951#msg-272951 _______________________________________________ nginx-ru mailing list nginx-ru@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-ru