直接用php处理上传的劣势是,占用大量内存,长期占用php进程,上传文件大小受到多种条件限制。
首先编译nginx得编译进去upload模块,很简单。
vhost配置文件如下,避免了upload.php被用户直接访问,构造虚假上传信息影响服务器安全
首先编译nginx得编译进去upload模块,很简单。
vhost配置文件如下,避免了upload.php被用户直接访问,构造虚假上传信息影响服务器安全
server
{
listen 80;
server_name 1.server.xxx;
index index.html index.htm index.php;
root /web/vhosts/1.server.xxx/www;
location = /upload.php {
client_body_timeout 9999s; //最大允许的上传时间
client_max_body_size 300m; //最大上传大小
upload_pass @upload;
upload_store /web/vhosts/1.server.xxx/protected/runtime/files-tmp 1;
upload_store_access user:r;
upload_set_form_field $upload_field_name.name $upload_file_name;
upload_set_form_field $upload_field_name.content_type $upload_content_type;
upload_set_form_field $upload_field_name.path $upload_tmp_path;
upload_cleanup 400-599;
upload_pass_args on;
}
location @upload {
fastcgi_next_upstream error timeout invalid_header http_500 http_503;
fastcgi_pass backend;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.php?$
{
fastcgi_next_upstream error timeout invalid_header http_500 http_503;
fastcgi_pass backend;
fastcgi_index index.php;
include fcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
}
No comments:
Post a Comment