我在服务器上以测试模式部署了一个应用程序。通过 HTTP 身份验证,对它的访问仅限于选定的用户组。这很好用。问题是,如果我通过不同的“位置”指令提供静态文件,nginx 会为这些文件提供“未授权”。我尝试关闭 auth_basic,但没有骰子。
这是虚拟主机配置:
# Virtual Host
upstream appname {
server 127.0.0.1:4000;
server 127.0.0.1:4001;
server 127.0.0.1:4002;
}
server {
listen 80;
server_name appname.domain.com;
# write app specific log
# make sure you create this file in your log directory before running behind nginx
access_log /home/apps/appname/shared/log/nginx.log main;
# let nginx serve static files directly
# images
location ^~/images {
auth_basic off;
root /home/apps/appname/current/public/images;
}
location ^~/covers {
auth_basic off;
root /home/apps/covers;
}
# # javascript
location ^~/javascripts {
auth_basic off;
root /home/apps/appname/current/public/javascripts;
}
# # css
location ^~/stylesheets {
auth_basic off;
root /home/apps/appname/current/public/style;
}
# Push all other requests to Merb
location / {
# needed to forward user's IP address to merb
proxy_set_header X-Real-IP $remote_addr;
auth_basic "domains";
auth_basic_user_file htpasswd;
if (!-f $request_filename) {
proxy_pass http://appname;
break;
}
}
}
有什么建议么 ?
编辑:
我尝试将图像放在另一个子域下并为其配置单独的“服务器”块 - 没有任何 http_auth。但它仍然在图像上给了我一个 403 禁止!这是我添加的内容:
server {
listen 80;
server_name images.domain.com;
access_log /home/apps/appname/shared/log/nginx_images.log main;
error_log /home/apps/appname/shared/log/nginx_images_error.log;
error_page 500 502 503 504 /500.html;
location = /500.html {
root /home/apps/www/http_error_codes;
}
location /images {
root /home/apps/appname/current/public/images;
}
location /covers {
root /home/apps/covers;
}
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
我还尝试打开一个新浏览器并直接从 images.domain.com 访问图像文件,但它仍然显示 403 禁止!
