nginx deny all 和 return 一起使用时不生效
nginx 配置:
server {
listen 80 default_server;
server_name www.aceelf.com aceelf.com;
return 301 https://aceelf.com$request_uri;
}在配置如下时 deny all 并不会生效,我预计会执行 deny all 出现 403 错误,但是实际上会执行 return 返回 301;
server {
listen 80 default_server;
server_name www.aceelf.com aceelf.com;
deny all;
return 301 https://aceelf.com$request_uri;
}最终在 stackoverflow 上找到了答案:
In nginx, return directive is from rewrite module, and deny is from access module. According to nginx document and source code, rewrite module is processed in NGX_HTTP_REWRITE_PHASE phase (for return in location context), the access module is processed in NGX_HTTP_ACCESS_PHASE phase, rewrite phase happens before access phase, thus return stops request processing and returns 301 in rewrite phase.
在nginx中,return指令来自rewrite模块,deny指令来自access模块。根据nginx文档和源代码,重写模块在NGX_HTTP_rewrite_PHASE阶段进行处理(用于位置上下文中的返回),访问模块在NGX_HTTP_access_PHASE期间进行处理,重写阶段发生在访问阶段之前,因此返回停止请求处理,并在重写阶段返回301。