質問編集履歴

6

ssl.conf内容更新

2021/05/12 06:45

投稿

Katsu.Okada

test CHANGED
File without changes
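--- a/test
+++ b/test
@@ -206,10 +206,6 @@
 
  }
 
- #include shib_fastcgi_params;
-
- #include shib_clear_headers;
-
  fastcgi_pass 127.0.0.1:9000;
 
  fastcgi_index index.php;
@@ -226,16 +222,10 @@
 
  fastcgi_read_timeout 120s;
 
- #include naxsi.d/wordpress/*.conf;
-
  }
 
  include conf.d/security.conf;
 
- #add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains;preload;' always;
-
- #include naxsi.d/wordpress/*.conf;
-
  }
 
 
@@ -250,10 +240,6 @@
 
  }
 
- #include shib_fastcgi_params;
-
- #include shib_clear_headers;
-
  fastcgi_pass 127.0.0.1:9000;
 
  fastcgi_index index.php;
@@ -344,12 +330,6 @@
 
  include conf.d/security.conf;
 
- #add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains;preload;' always;
-
- #include naxsi.d/wordpress/*.conf;
-
-
-
  }
 
 
@@ -442,8 +422,6 @@
 
  }
 
-
-
  }
 
  ```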

5

ssl.conf内容更新

2021/05/12 06:45

投稿

Katsu.Okada

test CHANGED
File without changes
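--- a/test
+++ b/test
@@ -426,7 +426,7 @@
 
  }
 
- location ~* /STYLICS/.*.(png|jpe?g)$ {
+ location ~* /AAA/.*.(png|jpe?g)$ {
 
  add_header Vary Accept;
 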

4

ssl.confの内容を更新

2021/05/12 06:42

投稿

Katsu.Okada

test CHANGED
File without changes
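--- a/test
+++ b/test
@@ -36,10 +36,98 @@
 
  ```ssl.conf
 
+ server {
+
+ listen 443 ssl http2;
+
+ server_name hoge.com;
+
+ ssl_certificate /etc/letsencrypt/live/hoge.com/fullchain.pem; # managed by Certbot
+
+ ssl_certificate_key /etc/letsencrypt/live/hoge.com/privkey.pem; # managed by Certbot
+
+ ssl_dhparam /etc/kusanagi.d/ssl/dhparam.key;
+
+ ssl_session_tickets on;
+
+ ssl_session_ticket_key /etc/kusanagi.d/ssl_sess_ticket.key;
+
+ ssl_session_cache shared:SSL:1m;
+
+ ssl_session_timeout 5m;
+
+ ssl_protocols TLSv1.2 TLSv1.3;
+
+ ssl_ciphers "AES128+ECDHE:AES256+ECDHE:AES128+EDH:AES256+EDH:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4!CAMELLIA!AES128-SHA!AES128-SHA256!AES128-GCM-SHA256:!AES256-GCM-SHA384:!AES256-SHA256:!AES256-SHA!AES256-CCM8!AES256-CCM!AES128-CCM!ARIA128-GCM-SHA256!AES128-CCM8!ARIA256-GCM-SHA384";
+
+ ssl_prefer_server_ciphers on;
+
+ access_log /home/kusanagi/aaa/log/nginx/ssl_access.log main;
+
+ error_log /home/kusanagi/aaa/log/nginx/ssl_error.log warn;
+
+
+
+ charset UTF-8;
+
+ client_max_body_size 50M;
+
+ root /home/kusanagi/aaa/DocumentRoot;
+
+ index index.php index.html index.htm;
+
+
+
+ location = /50x.html {
+
+ return 403;
+
+ }
+
+
+
+ rewrite /wp-admin$ $scheme://$host$uri/ permanent;
+
+
+
  location / {
 
  try_files $uri $uri/ /index.php?$args;
 
+
+
+ # B-start index.phpの内容がダウンロードされる
+
+ location ~ .php(.*)$ {
+
+ if ($request_uri ~* "^(.*/)index.php(.*)$") {
+
+ return 301 $1$2;
+
+ }
+
+ }
+
+ # B-end
+
+ }
+
+
+
+ location = /favicon.ico {
+
+ log_not_found off;
+
+ access_log off;
+
+ }
+
+
+
+ location ~* /.well-known {
+
+ allow all;
+
  }
 
 
@@ -56,14 +144,306 @@
 
 
 
- #A start
-
- if ($request_uri ~* "^(.*/)index.php(.*)$") {
-
- return 301 $1$2;
-
- }
-
- #A end
+ location ~* /. {
+
+ deny all;
+
+ }
+
+
+
+ location ~* /(?:uploads|files)/.*.php$ {
+
+ deny all;
+
+ }
+
+
+
+ location ~* .(jpg|jpeg|gif|png|css|js|swf|ico|pdf|svg|eot|ttf|woff)$ {
+
+ expires 60d;
+
+ access_log off;
+
+ }
+
+
+
+ # A-start
+
+ #if ($request_uri ~* "^(.*/)index.php(.*)$") {
+
+ # return 301 $1$2;
+
+ #}
+
+ # A-end
+
+
+
+ location ~* /wp-login.php|/wp-admin/((?!(admin-ajax.php|images/)).)*$ {
+
+ satisfy any;
+
+ allow 0.0.0.0/0;
+
+ allow 127.0.0.1;
+
+ deny all;
+
+ auth_basic "basic authentication";
+
+ auth_basic_user_file "/home/kusanagi/.htpasswd";
+
+ location ~ [^/].php(/|$) {
+
+ fastcgi_split_path_info ^(.+?.php)(/.*)$;
+
+ if (!-f $document_root$fastcgi_script_name) {
+
+ return 404;
+
+ }
+
+ #include shib_fastcgi_params;
+
+ #include shib_clear_headers;
+
+ fastcgi_pass 127.0.0.1:9000;
+
+ fastcgi_index index.php;
+
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+ include fastcgi_params;
+
+ fastcgi_buffers 256 128k;
+
+ fastcgi_buffer_size 128k;
+
+ fastcgi_intercept_errors on;
+
+ fastcgi_read_timeout 120s;
+
+ #include naxsi.d/wordpress/*.conf;
+
+ }
+
+ include conf.d/security.conf;
+
+ #add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains;preload;' always;
+
+ #include naxsi.d/wordpress/*.conf;
+
+ }
+
+
+
+ location ~ [^/].php(/|$) {
+
+ fastcgi_split_path_info ^(.+?.php)(/.*)$;
+
+ if (!-f $document_root$fastcgi_script_name) {
+
+ return 404;
+
+ }
+
+ #include shib_fastcgi_params;
+
+ #include shib_clear_headers;
+
+ fastcgi_pass 127.0.0.1:9000;
+
+ fastcgi_index index.php;
+
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+ include fastcgi_params;
+
+ fastcgi_buffers 256 128k;
+
+ fastcgi_buffer_size 128k;
+
+ fastcgi_intercept_errors on;
+
+ fastcgi_read_timeout 120s;
+
+
+
+ set $do_not_cache 1; ## page cache
+
+ set $device "pc";
+
+
+
+ if ($request_method = POST) {
+
+ set $do_not_cache 1;
+
+ }
+
+
+
+ if ($query_string != "") {
+
+ set $do_not_cache 1;
+
+ }
+
+
+
+ if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
+
+ set $do_not_cache 1;
+
+ }
+
+
+
+ if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+
+ set $do_not_cache 1;
+
+ }
+
+
+
+ if ($http_user_agent ~* " Android |(iPad|Android; Tablet; .+Firefox") {
+
+ set $device "tablet";
+
+ }
+
+
+
+ if ($http_user_agent ~* "Android .+ Mobile|(iPhone|(iPod|IEMobile|Android; Mobile; .+Firefox|Windows Phone") {
+
+ set $device "smart";
+
+ }
+
+
+
+ fastcgi_cache wpcache;
+
+ fastcgi_cache_key "$device:$request_method:$scheme://$host$request_uri";
+
+ fastcgi_cache_valid 200 10m;
+
+ fastcgi_no_cache $do_not_cache;
+
+ fastcgi_cache_bypass $do_not_cache;
+
+
+
+ add_header X-F-Cache $upstream_cache_status;
+
+ add_header X-Signature KUSANAGI;
+
+ include conf.d/security.conf;
+
+ #add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains;preload;' always;
+
+ #include naxsi.d/wordpress/*.conf;
+
+
+
+ }
+
+
+
+ location ~ /fcache-purge/([^/]+)(/.*) {
+
+ allow 127.0.0.1;
+
+ deny all;
+
+ fastcgi_cache_purge wpcache "$1:GET:$scheme://$host$2";
+
+ }
+
+
+
+ # WebP Express rules
+
+ # --------------------
+
+ location ~* /wp/wp-content/.*.(png|jpe?g)$ {
+
+ add_header Vary Accept;
+
+ expires 365d;
+
+ if ($http_accept !~* "webp"){
+
+ break;
+
+ }
+
+ try_files
+
+ /wp/wp-content/webp-express/webp-images/doc-root/$uri.webp
+
+ $uri.webp
+
+ /wp/wp-content/plugins/webp-express/wod/webp-on-demand.php?xsource=x$request_filename&wp-content=wp-content
+
+ ;
+
+ }
+
+
+
+ # Route requests for non-existing webps to the converter
+
+ location ~* /wp/wp-content/.*.(png|jpe?g).webp$ {
+
+ try_files
+
+ $uri
+
+ /wp/wp-content/plugins/webp-express/wod/webp-realizer.php?wp-content=wp-content
+
+ ;
+
+ }
+
+ # ------------------- (WebP Express rules ends here)
+
+
+
+ # WebP extra folder rules
+
+ # -------------------------
+
+ location ~* /images/.*.(png|jpe?g)$ {
+
+ add_header Vary Accept;
+
+ try_files $uri$webp_suffix $uri =404;
+
+ }
+
+ location ~* /STYLICS/.*.(png|jpe?g)$ {
+
+ add_header Vary Accept;
+
+ try_files $uri$webp_suffix $uri =404;
+
+ }
+
+ location ~* /common/images/.*.(png|jpe?g)$ {
+
+ add_header Vary Accept;
+
+ try_files $uri$webp_suffix $uri =404;
+
+ }
+
+
+
+ }
 
  ```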
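Review bot: In the `/wp-login.php|/wp-admin/` location of the second hunk, `satisfy any;` combined with `allow 0.0.0.0/0;` lets every IPv4 client pass the address check, so the `auth_basic` prompt is never required and the login and admin pages are left without the intended protection. If `0.0.0.0/0` is only a stand-in for a masked address the live server may differ, but as posted the allow list should name only the trusted sources, e.g. keep `allow 127.0.0.1;` and `deny all;` and drop the catch-all line. The B-start block in the first hunk also needs attention: the nested `location ~ .php(.*)$` has no `fastcgi_pass`, so a PHP request that ends up there is returned as a static file, which is consistent with the download its own comment reports and would expose the source of files such as wp-config.php. Issuing the `return 301` from inside the existing `location ~ [^/].php(/|$)` handler instead would keep PHP requests on the FastCGI path.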

3

誤記修正

2021/05/12 06:40

投稿

Katsu.Okada

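--- a/test
+++ b/test
@@ -1 +1 @@
- ごきNGINXでindex.php無しの正規化をかけるとphpMyAdminログイン画面が表示され続ける
+ NGINXでindex.php無しの正規化をかけるとphpMyAdminログイン画面が表示され続ける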
test CHANGED
File without changes

2

誤記修正

2021/05/11 07:44

投稿

Katsu.Okada

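--- a/test
+++ b/test
@@ -1 +1 @@
- NGINXでindex.php無しの正規化をかけるとphpMyAdminログイン画面が表示され続ける
+ ごきNGINXでindex.php無しの正規化をかけるとphpMyAdminログイン画面が表示され続ける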
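--- a/test
+++ b/test
@@ -40,8 +40,6 @@
 
  try_files $uri $uri/ /index.php?$args;
 
- #include naxsi.d/wordpress/*.conf;
-
  }
 
 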

1

コード修正

2021/05/11 07:39

投稿

Katsu.Okada

test CHANGED
File without changes
test CHANGED
@@ -38,7 +38,7 @@
38
38
 
39
39
  location / {
40
40
 
41
- try_files $uri $uri/ /ndex.php?$args;
41
+ try_files $uri $uri/ /index.php?$args;
42
42
 
43
43
  #include naxsi.d/wordpress/*.conf;
44
44
 
@@ -50,7 +50,7 @@
50
50
 
51
51
  # Outer Word Press Files
52
52
 
53
- root /home/kusanagi/stylics_trial/DocumentRoot;
53
+ root /home/kusanagi/aaa/DocumentRoot;
54
54
 
55
55
  index index.php index.html index.htm;
56
56