我的網站位於https://www.example.com ,我的 CMS 面板位於
https://www.example.com/administrator-> 301 ->
https://www.example.com/administrator/-> 302
https://www.example.com/administrator/Login.aspx?Session=Out
我試圖限制對 /administrator 的訪問,但這不起作用 - 有人可以幫忙嗎?
location ~*/administrator {
allow 10.0.0.0/8;
deny all;
}
這是日誌
192.168.5.232 - - [20/Apr/2023:09:17:57 +0530] "GET /administrator/ HTTP/2.0" 302 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0"
192.168.5.232 - - [20/Apr/2023:09:17:57 +0530] "GET /administrator/Login.aspx?Session=Out HTTP/2.0" 200 2448 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0"
這是錯誤日誌
2023/04/20 09:15:34 [notice] 4810#4810: *467 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/error HTTP/2.0", host: "www.example.com", referrer: "https://www.example.com/administrator/Login.aspx?Session=Out"
2023/04/20 09:17:57 [notice] 4962#4962: *513 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/ HTTP/2.0", host: "www.example.com"
2023/04/20 09:17:57 [notice] 4962#4962: *513 "GET|HEAD|POST" matches "GET", client: 192.168.5.232, server: example.com, request: "GET /administrator/Login.aspx?Session=Out HTTP/2.0", host: "www.example.com"
答案1
這裡不需要正規表示式。只要目錄就可以了
location /administrator/ {
allow 10.0.0.0/8;
deny all;
}
並且您在 後面缺少一個空格~*,這很可能是實際的問題。