nginx：禁止访问文件夹，某些子文件夹除外

php 文件没有被处理的原因是当它到达/data/public/它停在那里的位置并且不知道如何处理 php 文件。

尝试将您的 php 位置放在另一个名为 php.conf 的文件中，并将该文件包含在您的服务器块和/data/public/块中。所以你的配置看起来像

server {
    location ^~ /data/public/ {
        allow all;
        try_files $uri $uri/ /index.php?args;
        # include to avoid writing it twice..
        include php.conf
    }

    location ^~ /data/ { 
        deny all; 
    }

    # .....
    # Some other config blocks
    # .....

    # Put this line instead of the php config block to avoid writing the php part twice
    include php.conf
}

该php.conf文件（在您的情况下）将如下所示：

location ~ \.php$ {
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
     fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
     fastcgi_index index.php;
     include fastcgi_params;
}

位置规则应如下所示。

location ^~ /data/                { deny all; }

或者

location ^~ /data/public/               { allow all; }

nginx定位规则如下

To find a location matching a given request, nginx first checks locations defined using the prefix strings (prefix locations). Among them, the most specific one is searched. Then regular expressions are checked, in the order of their appearance in a configuration file. A search of regular expressions terminates on the first match, and the corresponding configuration is used. If no match with a regular expression is found then a configuration of the most specific prefix location is used.

nginx访问规则如下

"Access rules are checked according to the order of their declaration. The first rule that matches a particular address or set of addresses is the one that is obeyed."

所以一个工作配置应该看起来像

location ^~ /data/public/               { allow all; }
location ^~ /data/ { deny all; }

通过使用 deny all，它应该返回 403 Forbidden 而不是 404。

这应该允许访问和处理公共目录，并阻止任何其他内容。我在为 Magento 配置 nginx 时遇到了同样的问题，但我通过 ^~ 技巧解决了这个问题。