Score:0

nginx regex rewrite not working for php script


I am trying to block PHP script execution in a few folders for a WordPress installation, but Nginx is giving me a hard time.

location = /wp/wp-includes/category.php {
    deny all;
}

I am able to block an individual script using an exact match, but when I use a regex it doesn't work.

location ~* /wp/wp-includes/.*\.php$ {
    deny all;
}

I am not sure what I am doing wrong.

EDIT

I have the following rules after the above rules:

location / {
    error_page 418 = @cachemiss;
    # To allow POST on static pages. Will search with me error
    error_page 405 =200 $uri;
    recursive_error_pages on;

    # bypass cache for common query strings
    if ($arg_s != "") { return 418; } # search query
    if ($arg_p != "") { return 418; } # request a post / page by ID
    if ($arg_amp != "") { return 418; } # amp test
    if ($arg_preview = "true") { return 418; } # preview post / page

    if ($http_cookie ~* "(wordpress_logged_in_|wp\-postpass_|woocommerce_items_in_cart|woocommerce_cart_hash|wptouch_switch_toogle|comment_author_|comment_author_email_)") {
        return 418;
    }
    # bypass caching for POST requests
    if ($request_method = POST ) {
        return 418;
    }

    if (!-f "$rocket_file") {
        return 418;
    }

    etag on;
    try_files "$rocket_url" $uri $uri/ /index.php$is_args$args;
}


location @cachemiss {
  try_files $uri $uri/ /index.php$is_args$args;
}
Please show output of `nginx -T` so we can see the full nginx configuration.
Ivan Shatsky:
@Maximus Regex matching locations are checked from first to last. The first matched location is selected to process the request. Having that location __after__ the usual `location ~ \.php$ { ... }` PHP handler will make it unreachable - you need to place it __before__ the default PHP handler. On the other hand, exact matching locations (`location = <uri> { ... }`) have greater priority over any other location type, so your first location will work no matter where it is placed.
@IvanShatsky I have this location at the top of the file and then wordpress rewrite rule.
Ivan Shatsky:
@Maximus What do you mean by "wordpress rewrite rule"?
@IvanShatsky I just updated my question. Thank you for the help.
Ivan Shatsky:
@Maximus I don't see anything that could be the cause, but I don't see either the PHP handler (usually `location ~ \.php$ { ... }` or something similar). Are you sure it is located below the given configuration fragment, not above it?
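
The location-ordering rule from the comments, written out as configuration. This is an added example, not the asker's configuration or a commenter's code; it assumes a generic `location ~ \.php$` handler exists in the same server block, and the php-fpm socket path is a placeholder.

```nginx
# Added example. All locations below belong inside the same server { } block.

# --- Unreachable ordering (kept commented out) ---------------------------
# The generic PHP handler is the first regex that matches
# /wp/wp-includes/category.php, so the deny rule below it is never used.
#
# location ~ \.php$ {
#     include fastcgi_params;
#     fastcgi_pass unix:/run/php/php-fpm.sock;   # placeholder socket path
# }
# location ~* /wp/wp-includes/.*\.php$ {
#     deny all;
# }

# --- Option A: deny rule placed before the PHP handler -------------------
# Regex locations are tested in file order and the first match wins,
# so the deny rule has to come first.
location ~* /wp/wp-includes/.*\.php$ {
    deny all;
}

location ~ \.php$ {
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_pass unix:/run/php/php-fpm.sock;     # placeholder socket path
}

# --- Option B: order-independent alternative to Option A -----------------
# When the longest matching prefix location carries ^~, nginx skips the
# server-level regex locations, so a PHP handler defined anywhere in the
# file cannot take the request. The nested regex applies only inside
# this prefix.
location ^~ /wp/wp-includes/ {
    location ~* \.php$ {
        deny all;
    }
}
```

After `nginx -t` and a reload, a request for `/wp/wp-includes/category.php` should return 403 instead of being passed to PHP.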