请在服务器伪静态设置中配置以下的代码,完成后重启nginx
# 禁止公网直接读取环境配置、升级锁和源码目录
location ~ /\.(?!well-known) {
deny all;
}
location ~ ^/(\.installed|\.schema_synced|\.upgrading|composer\.(json|lock))$ {
deny all;
}
location ~ ^/(config|src|internal|install|debug|gateway|sdk)(/|$) {
deny all;
}
location ~ ^/adminx/(config|src|api/Page/data)(/|$) {
deny all;
}
location / {
try_files $uri $uri/ /public/index.php?$query_string;
}
<FilesMatch "^(\.env|\.installed|\.schema_synced|\.upgrading|composer\.(json|lock))$">
Require all denied
</FilesMatch>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule ^(config|src|internal|install|debug|gateway|sdk)(/|$) - [F,L]
RewriteRule ^adminx/(config|src|api/Page/data)(/|$) - [F,L]
RewriteCond %{REQUEST_URI} !\.(css|js|png|jpg|jpeg|gif|svg|ico|woff2?|ttf|eot|map)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ public/index.php [QSA,L]
</IfModule>