Welcome! Log In Create A New Profile

Advanced

500 Internal Server Error

January 30, 2015 05:09AM
Добрый день!

Есть два вида ссылок:

http://domen.ly/tds/0d25 - nginx отдает 500 Internal Server Error
http://domen.ly/tds/?0d25 - такую ссылку обрабатывает корректно

Подскажите, где ошибка в конфиге и что нужно добавить-убрать, чтобы ссылка http://domen.ly/tds/0d25 обрабатывалась без ошибок?

--------

server {
server_name domen.ly www.domen.ly;
listen 198.198.198.198;
port_in_redirect off;
server_tokens off;
autoindex off;
client_max_body_size 15m;
client_body_buffer_size 128k;
root /var/www/www.domen.ly/html/;
index index.php index.html;
try_files $uri $uri/ /index.php?$args;

# Define default caching of 24h
expires 3600s;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";

# deliver a static 404
error_page 404 /404.html;
location /404.html {
internal;
}

# Deliver 404 instead of 403 "Forbidden"
error_page 403 = 404;

# Do not allow access to files giving away your WordPress version
location ~ /(\.|wp-config.php|readme.html|licence.txt) {
return 404;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Don't log robots.txt requests
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

# Rewrite for versioned CSS+JS via filemtime
location ~* ^.+\.(css|js)$ {
rewrite ^(.+)\.(\d+)\.(css|js)$ $1.$3 last;
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}

# Aggressive caching for static files
# If you alter static files often, please use
# add_header Cache-Control "max-age=31536000, public, must-revalidate, proxy-revalidate";

location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
expires 31536000s;
access_log off;
log_not_found off;
add_header Pragma public;
add_header Cache-Control "max-age=31536000, public";
}

# pass PHP scripts to Fastcgi listening on Unix socket
# Do not process them if inside WP uploads directory
# If using Multisite or a custom uploads directory,
# please set the */uploads/* directory in the regex below

location ~* (^(?!(?:(?!(php|inc)).)*/uploads/).*?(php)) {
try_files $uri = 404;
fastcgi_split_path_info ^(.+.php)(.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 128k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
}

# Deny access to hidden files
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}

# block-exploits-sql-injections-file-injections-spam-user-agents-etc

## Block SQL injections
set $block_sql_injections 0;
if ($query_string ~ "union.*select.*\(") {
set $block_sql_injections 1;
}
if ($query_string ~ "union.*all.*select.*") {
set $block_sql_injections 1;
}
if ($query_string ~ "concat.*\(") {
set $block_sql_injections 1;
}
if ($block_sql_injections = 1) {
return 403;
}

## Block file injections
set $block_file_injections 0;
if ($query_string ~ "[a-zA-Z0-9_]=http://") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=(\.\.//?)+") {
set $block_file_injections 1;
}
if ($query_string ~ "[a-zA-Z0-9_]=/([a-z0-9_.]//?)+") {
set $block_file_injections 1;
}
if ($block_file_injections = 1) {
return 403;
}

## Block common exploits
set $block_common_exploits 0;
if ($query_string ~ "(<|%3C).*script.*(>|%3E)") {
set $block_common_exploits 1;
}
if ($query_string ~ "GLOBALS(=|\[|\%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "_REQUEST(=|\[|\%[0-9A-Z]{0,2})") {
set $block_common_exploits 1;
}
if ($query_string ~ "proc/self/environ") {
set $block_common_exploits 1;
}
if ($query_string ~ "mosConfig_[a-zA-Z_]{1,21}(=|\%3D)") {
set $block_common_exploits 1;
}
if ($query_string ~ "base64_(en|de)code\(.*\)") {
set $block_common_exploits 1;
}
if ($block_common_exploits = 1) {
return 403;
}
}
Subject Author Posted

500 Internal Server Error

maxim88 January 30, 2015 05:09AM

Re: 500 Internal Server Error

denis January 30, 2015 05:30AM

Re: 500 Internal Server Error

maxim88 January 30, 2015 05:44AM

Re: 500 Internal Server Error

maksis January 30, 2015 06:03AM

Re: 500 Internal Server Error

maxim88 January 30, 2015 06:10AM

Re: 500 Internal Server Error

maksis January 30, 2015 06:18AM

Re: 500 Internal Server Error

maxim88 January 30, 2015 06:31AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 93
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready