欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

LNMP上配置openssl,只能访问html页面,PHP页面访问后直接把PHP文件下载下来了。

程序员文章站 2022-04-16 21:03:54
...
如题所示,LNMP上配置openssl,只能访问html页面,PHP页面访问后直接把PHP文件下载下来了。这是咋回事?
我的nginx.conf文件如下:
user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid        /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }

http
    {
        include       mime.types;
        default_type  application/octet-stream;
        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile on;
        tcp_nopush     on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 2;
        gzip_types       text/plain application/x-javascript text/css application/xml;
        gzip_vary on;
        gzip_proxied        expired no-cache no-store private auth;
        gzip_disable        "MSIE [1-6]\.";

        #limit_conn_zone $binary_remote_addr zone=perip:10m;
        ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

        server_tokens off;
        #log format
        log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
             '$status $body_bytes_sent "$http_referer" '
             '"$http_user_agent" $http_x_forwarded_for';

server
    {
        listen 80 default;
        #listen [::]:80 default ipv6only=on;
        server_name www.lnmp.org;
        index index.html index.htm index.php;
        root  /home/wwwroot/default;

        #error_page   404   /404.html;
        location ~ [^/]\.php(/|$)
            {
                # comment try_files $uri =404; to enable pathinfo
                try_files $uri =404;
                fastcgi_pass  unix:/tmp/php-cgi.sock;
                fastcgi_index index.php;
                include fastcgi.conf;
                #include pathinfo.conf;
            }

        location /nginx_status {
            stub_status on;
            access_log   off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
            {
                expires      30d;
            }

        location ~ .*\.(js|css)?$
            {
                expires      12h;
            }

        access_log  /home/wwwlogs/access.log  access;
    }
    server { 
        listen       443 ssl; 
        server_name  fq.warsong.pw; 
        ssl                  on; 
        ssl_certificate      1_fq.warsong.pw_bundle.crt;
       ssl_certificate_key      2_fq.warsong.pw.key;
       ssl_session_timeout  5m; 
        ssl_protocols  SSLv3 TLSv1; 
        ssl_ciphers  HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM; 
        ssl_prefer_server_ciphers   on; 
        location / { 
            root   /home/wwwroot/fq.warsong.pw; 
            index  index.php index.html index.htm; 
        } 
    }
include vhost/fq.warsong.pw.conf;
}

回复内容:

如题所示,LNMP上配置openssl,只能访问html页面,PHP页面访问后直接把PHP文件下载下来了。这是咋回事?
我的nginx.conf文件如下:

user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid        /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
    {
        use epoll;
        worker_connections 51200;
        multi_accept on;
    }

http
    {
        include       mime.types;
        default_type  application/octet-stream;
        server_names_hash_bucket_size 128;
        client_header_buffer_size 32k;
        large_client_header_buffers 4 32k;
        client_max_body_size 50m;

        sendfile on;
        tcp_nopush     on;

        keepalive_timeout 60;

        tcp_nodelay on;

        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 64k;
        fastcgi_buffers 4 64k;
        fastcgi_busy_buffers_size 128k;
        fastcgi_temp_file_write_size 256k;

        gzip on;
        gzip_min_length  1k;
        gzip_buffers     4 16k;
        gzip_http_version 1.0;
        gzip_comp_level 2;
        gzip_types       text/plain application/x-javascript text/css application/xml;
        gzip_vary on;
        gzip_proxied        expired no-cache no-store private auth;
        gzip_disable        "MSIE [1-6]\.";

        #limit_conn_zone $binary_remote_addr zone=perip:10m;
        ##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.

        server_tokens off;
        #log format
        log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
             '$status $body_bytes_sent "$http_referer" '
             '"$http_user_agent" $http_x_forwarded_for';

server
    {
        listen 80 default;
        #listen [::]:80 default ipv6only=on;
        server_name www.lnmp.org;
        index index.html index.htm index.php;
        root  /home/wwwroot/default;

        #error_page   404   /404.html;
        location ~ [^/]\.php(/|$)
            {
                # comment try_files $uri =404; to enable pathinfo
                try_files $uri =404;
                fastcgi_pass  unix:/tmp/php-cgi.sock;
                fastcgi_index index.php;
                include fastcgi.conf;
                #include pathinfo.conf;
            }

        location /nginx_status {
            stub_status on;
            access_log   off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
            {
                expires      30d;
            }

        location ~ .*\.(js|css)?$
            {
                expires      12h;
            }

        access_log  /home/wwwlogs/access.log  access;
    }
    server { 
        listen       443 ssl; 
        server_name  fq.warsong.pw; 
        ssl                  on; 
        ssl_certificate      1_fq.warsong.pw_bundle.crt;
       ssl_certificate_key      2_fq.warsong.pw.key;
       ssl_session_timeout  5m; 
        ssl_protocols  SSLv3 TLSv1; 
        ssl_ciphers  HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM; 
        ssl_prefer_server_ciphers   on; 
        location / { 
            root   /home/wwwroot/fq.warsong.pw; 
            index  index.php index.html index.htm; 
        } 
    }
include vhost/fq.warsong.pw.conf;
}

第二个 server 似乎没配置和 PHP 有关的规则

相关标签: lnmp openssl php