我需要帮助记住我所做的,以允许Plesk使用.htaccess 。 我最近改变了域上的PHP上传文件大小,突然我的.htaccess指令停止工作。 这意味着我“固定”了一些东西,可能在httpd.conf ,并且愚蠢地没有将修复传播到Plesk文件中不被自动覆盖的东西。 (哟,白痴….)
我的.htaccess文件有一系列的条目,如下所示。 这就是它的全部内容。 目的是让我有example.com/command执行一个文件command ,就好像它是command.php 。 我已经这么做了几十年了。 如果你原谅我,如果你的答案是“不要那样做”的话,请不要这样做。 谢谢。
的.htaccess
<Files support> SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000 </Files>
我已经尝试将每个Plesk的说明张贴到Apache的“其他指令”字段(创buildvhosts.conf文件,我重新configuration,所以它被正确包括),无济于事。
在http.conf
#ATTENTION! # #DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY, #SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED. #IF YOU REQUIRE TO APPLY CUSTOM MODIFICATIONS, PERFORM THEM IN THE FOLLOWING FILES: #/var/www/vhosts/system/example.com/conf/vhost.conf #/var/www/vhosts/system/example.com/conf/vhost_ssl.conf <IfModule mod_ssl.c> <VirtualHost 216.55.178.166:7081 > ServerName "example.com:443" ServerAlias "www.example.com" ServerAlias "ipv4.example.com" ServerAdmin "[email protected]" UseCanonicalName Off DocumentRoot "/var/www/vhosts/example.com/web" CustomLog /var/www/vhosts/system/example.com/logs/access_ssl_log plesklog ErrorLog "/var/www/vhosts/system/example.com/logs/error_log" <IfModule mod_suexec.c> SuexecUserGroup "me_phelps" "psacln" </IfModule> <IfModule mod_userdir.c> UserDir "/var/www/vhosts/example.com/web_users/*" </IfModule> <IfModule mod_sysenv.c> SetSysEnv PP_VHOST_ID "199da76e-b413-4968-8251-301b780838f1" </IfModule> ScriptAlias "/cgi-bin/" "/var/www/vhosts/example.com/web/cgi-bin/" Alias "/plesk-stat" "/var/www/vhosts/system/example.com/statistics" <Location /plesk-stat/> Options +Indexes </Location> <Location /plesk-stat/logs/> Require valid-user </Location> Alias /webstat /var/www/vhosts/system/example.com/statistics/webstat Alias /webstat-ssl /var/www/vhosts/system/example.com/statistics/webstat-ssl Alias /ftpstat /var/www/vhosts/system/example.com/statistics/ftpstat Alias /anon_ftpstat /var/www/vhosts/system/example.com/statistics/anon_ftpstat Alias /awstats-icon /var/www/html/awstats/icon SSLEngine on SSLVerifyClient none SSLCertificateFile /usr/local/psa/var/certificates/certW5TKkGV <Directory /var/www/vhosts/example.com/web> <IfModule mod_fcgid.c> <Files ~ (\.fcgi$)> SetHandler fcgid-script Options +ExecCGI </Files> </IfModule> <IfModule mod_proxy_fcgi.c> <Files ~ (\.php$)> SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000 </Files> </IfModule> SSLRequireSSL Options -Includes +ExecCGI </Directory> <Directory "/var/www/vhosts/system/example.com/statistics"> AuthType Basic AuthName "Domain statistics" AuthUserFile "/var/www/vhosts/system/example.com/pd/d..httpdocs@plesk-stat" require valid-user </Directory> Alias /error_docs /var/www/vhosts/example.com/error_docs ErrorDocument 400 /error_docs/bad_request.html ErrorDocument 401 /error_docs/unauthorized.html ErrorDocument 403 /error_docs/forbidden.html ErrorDocument 404 /error_docs/not_found.html ErrorDocument 500 /error_docs/internal_server_error.html ErrorDocument 405 /error_docs/method_not_allowed.html ErrorDocument 406 /error_docs/not_acceptable.html ErrorDocument 407 /error_docs/proxy_authentication_required.html ErrorDocument 412 /error_docs/precondition_failed.html ErrorDocument 414 /error_docs/request_uri_too_long.html ErrorDocument 415 /error_docs/unsupported_media_type.html ErrorDocument 501 /error_docs/not_implemented.html ErrorDocument 502 /error_docs/bad_gateway.html ErrorDocument 503 /error_docs/maintenance.html DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml" Include "/var/www/vhosts/system/example.com/conf/vhost_ssl.conf" <Directory /var/www/vhosts/example.com> AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC </Directory> </VirtualHost> </IfModule> <VirtualHost 216.55.178.166:7080 > ServerName "example.com:80" ServerAlias "www.example.com" ServerAlias "ipv4.example.com" ServerAdmin "[email protected]" UseCanonicalName Off DocumentRoot "/var/www/vhosts/example.com/web" CustomLog /var/www/vhosts/system/example.com/logs/access_log plesklog ErrorLog "/var/www/vhosts/system/example.com/logs/error_log" <IfModule mod_suexec.c> SuexecUserGroup "me_phelps" "psacln" </IfModule> <IfModule mod_userdir.c> UserDir "/var/www/vhosts/example.com/web_users/*" </IfModule> <IfModule mod_sysenv.c> SetSysEnv PP_VHOST_ID "199da76e-b413-4968-8251-301b780838f1" </IfModule> ScriptAlias "/cgi-bin/" "/var/www/vhosts/example.com/web/cgi-bin/" Redirect permanent /plesk-stat https://example.com/plesk-stat Redirect permanent /webstat https://example.com/webstat Redirect permanent /webstat-ssl https://example.com/webstat-ssl Redirect permanent /ftpstat https://example.com/ftpstat Redirect permanent /anon_ftpstat https://example.com/anon_ftpstat Redirect permanent /awstats-icon https://example.com/awstats-icon <IfModule mod_ssl.c> SSLEngine off </IfModule> <Directory /var/www/vhosts/example.com/web> <IfModule mod_fcgid.c> <Files ~ (\.fcgi$)> SetHandler fcgid-script Options +ExecCGI </Files> </IfModule> <IfModule mod_proxy_fcgi.c> <Files ~ (\.php$)> SetHandler proxy:unix:///var/www/vhosts/system/example.com/php-fpm.sock|fcgi://127.0.0.1:9000 </Files> </IfModule> Options -Includes +ExecCGI </Directory> <Directory "/var/www/vhosts/system/example.com/statistics"> AuthType Basic AuthName "Domain statistics" AuthUserFile "/var/www/vhosts/system/example.com/pd/d..httpdocs@plesk-stat" require valid-user </Directory> Alias /error_docs /var/www/vhosts/example.com/error_docs ErrorDocument 400 /error_docs/bad_request.html ErrorDocument 401 /error_docs/unauthorized.html ErrorDocument 403 /error_docs/forbidden.html ErrorDocument 404 /error_docs/not_found.html ErrorDocument 500 /error_docs/internal_server_error.html ErrorDocument 405 /error_docs/method_not_allowed.html ErrorDocument 406 /error_docs/not_acceptable.html ErrorDocument 407 /error_docs/proxy_authentication_required.html ErrorDocument 412 /error_docs/precondition_failed.html ErrorDocument 414 /error_docs/request_uri_too_long.html ErrorDocument 415 /error_docs/unsupported_media_type.html ErrorDocument 501 /error_docs/not_implemented.html ErrorDocument 502 /error_docs/bad_gateway.html ErrorDocument 503 /error_docs/maintenance.html DirectoryIndex "index.html" "index.cgi" "index.pl" "index.php" "index.xhtml" "index.htm" "index.shtml" Include "/var/www/vhosts/system/example.com/conf/vhost.conf" <Directory /var/www/vhosts/example.com> AllowOverride AuthConfig FileInfo Indexes Limit Options=Indexes,SymLinksIfOwnerMatch,MultiViews,FollowSymLinks,ExecCGI,Includes,IncludesNOEXEC </Directory> </VirtualHost>
我想到了将AllowOverride改为All ,但是使用vhost.conf文件应该已经可以工作了,不是吗? 对于我来说, vhost.conf文件是一个非常合适的解决scheme,同样可以让我心爱的.htacessfunction恢复(尽pipe性能受到影响)。 但现在,试图执行example.com/supportnetworking我Access Prohibited错误。 当我看我的错误文件,我发现…
example.com/logs/error_log
[proxy_fcgi:error] [pid 19834] [client 67.161.220.240:48094] AH01071: Got error 'Access to the script '/var/www/vhosts/example.com/web/support' has been denied (see security.limit_extensions)\n'
请注意,我已经尝试将security.limit_extensions =设置为空白,但是这也不起作用。 我了解安全限制,但我在自己的服务器上工作,所以我愿意承担风险。
example.com/log/proxy_error_log(nginx)
[error] 27192#0: *115850 connect() failed (111: Connection refused) while connecting to upstream, client: 46.17.42.140, server: exammple.com, request: "POST /support/contact_us HTTP/1.1", upstream: "http://1.1.1.1:7080/support/contact_us", host: "example.com"
而且,为了彻底,nginx的configuration文件。
nginx.conf
#ATTENTION! # #DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY, #SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED. server { listen 216.55.178.166:443 ssl; server_name example.com; server_name www.example.com; server_name ipv4.example.com; ssl_certificate /usr/local/psa/var/certificates/certW5TKkGV; ssl_certificate_key /usr/local/psa/var/certificates/certW5TKkGV; client_max_body_size 128m; root "/var/www/vhosts/example.com/web"; access_log "/var/www/vhosts/system/example.com/logs/proxy_access_ssl_log"; error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log"; location / { proxy_pass https://216.55.178.166:7081; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Accel-Internal /internal-nginx-static-location; access_log off; } location /internal-nginx-static-location/ { alias /var/www/vhosts/example.com/web/; internal; } location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) { proxy_pass https://216.55.178.166:7081; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Accel-Internal /internal-nginx-static-location; access_log off; } add_header X-Powered-By PleskLin; } server { listen 216.55.178.166:80; server_name example.com; server_name www.example.com; server_name ipv4.example.com; client_max_body_size 128m; root "/var/www/vhosts/example.com/web"; access_log "/var/www/vhosts/system/example.com/logs/proxy_access_log"; error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log"; location / { proxy_pass http://216.55.178.166:7080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Accel-Internal /internal-nginx-static-location; access_log off; } location /internal-nginx-static-location/ { alias /var/www/vhosts/example.com/web/; internal; } location ~ ^/(plesk-stat|awstats-icon|webstat|webstat-ssl|ftpstat|anon_ftpstat) { proxy_pass http://216.55.178.166:7080; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Accel-Internal /internal-nginx-static-location; access_log off; } add_header X-Powered-By PleskLin; }
有些东西是有效的,有些则不在我们复杂的小世界里。
我确实需要添加以下内容:
[php-fpm-pool-settings] security.limit_extensions =
问题是,Plesk的“PHP设置”下的域的“addintional directives”字段显然没有任何作用 。 那么,也许它做了什么,但无论它做了什么,它没有工作。
我不得不手动创build一个/var/www/vhosts/system/example.com/conf/php.ini文件,并将上面两行添加到它。 然后,我必须通过Plesk的“PHP设置”页面“空白”应用空白变更(不pipe是否有实际变化),以便所有configuration都能正确组合,并重新启动正确的服务。
然后它工作。
我花了两天时间跟踪这个丑陋的bug,所有这些都是因为Plesk的“additonal directives”字段不能像广告一样工作。
干杯,伙伴。