pulling my hair out with this one!
I can't figure out why PHPMyAdmin is logging in ok and showing menu's, but there is no database information displayed. The left hand database tree is gone and the main window where you would manage a database is also blank (just empty space).
The menus are loading ok so I suspect a frame related issue as when I look at page source, there is just no HTML there.
I have Certbot install a letsencrypt certificate and NGINX 1.20.2. PHP is 8.1.3 and Ubuntu 20. I have tried multiple fresh installs of PHPMyAdmin.
Here are my NGINX configs in case I am missing something there:
sites-enabled/default
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
add_header X-Frame-Options "ALLOW-FROM http://site.uk";
add_header X-Frame-Options "ALLOW-FROM http://www.site.uk";
add_header X-Frame-Options "ALLOW-FROM https://site.uk";
add_header X-Frame-Options "ALLOW-FROM https://www.site.uk";
add_header X-XSS-Protection "1";
add_header X-Content-Type-Options nosniff;
}
server {
root /var/www/html;
index index.html index.htm index.php;
server_name _; # managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ~ .php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/fx5.uk/fullchain.pem; # managed by C>
ssl_certificate_key /etc/letsencrypt/live/fx5.uk/privkey.pem; # managed by>
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
#changed
if ($host = site.uk) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name _;
return 404; # managed by Certbot
}
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Related
I am trying to make nginx redirect all url to https://www.example.com
But the config I write with other reference wont work without www.
http://example.com -> https://www.example.com # not working
http://www.example.com -> https://www.example.com
https://example.com -> https://www.example.com # not working
https://www.example.com -> https://www.example.com
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com www.example.com;
root /home/user/example.com/public;
index index.php;
add_header Strict-Transport-Security max-age=31536000;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
# OCSP Stapling
ssl_stapling on;
ssl_stapling_verify on;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Any help is apprecaited. Thank you.
I have a default html template that I show instead of the nginx 404 default one if I visit jitsi.example.com:
<h1> Not found </h1>
The problem comes when I want to show that same html page in a subroute like jitsi.example.com/foo for example and I get the nginx 404 default template. I hardcoded foo as an example but the idea is to match any subdirectory / subroute.
These are my config files:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
And this is my default file:
upstream backend{
server localhost:8012;
server localhost:8013;
}
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name example.com www.example.com;
location / {
proxy_pass http://backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name jitsi.example.com; # managed by Certbot
#return 404; # managed by Certbot
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
root /home/example/nginx-templates;
}
location /foo {
root /home/example/nginx-templates;
}
}
And I know it's getting to /foo route because if I return 200; in nginx I get that status code. However, I want to render the template from /home/example/nginx-templates.
Ok. I created an error_404.html:
sudo vim /usr/share/nginx/html/error_404.html
with:
<h1> Not found </h1>
Then I reference it inside /etc/nginx/sites-enabled/default:
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name jitsi.example.com; # managed by Certbot
#return 404; # managed by Certbot
error_page 404 =404 /error_404.html;
location = /error_404.html {
root /usr/share/nginx/html;
internal;
}
location / {
root /home/example/nginx-templates;
}
Below is my nginx conf, how to remove www. from redirect url.
right now when i am entering url www.platform.iamwoken.com/ its redirecting to https://www.platform.iamwoken.com/ which is wrong
i need to redirect it to https://platform.iamwoken.com/
server_tokens off;
server {
if ($host ~ (platform.iamwoken.com|www.platform.iamwoken.com)) {
return 301 https://platform.iamwoken.com;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name platform.iamwoken.com www.platform.iamwoken.com;
return 301 https://platform.iamwoken.com;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name platform.iamwoken.com www.platform.iamwoken.com;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
# Disable SSL
ssl_protocols TLSv1 TLSv1.1;
# Optimise cipher suites
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Enable HSTS
add_header Strict-Transaport-Security "max-age=31536000" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
# SSL sessions
#ssl_session_cache shared:devplatform.iamwoken.com:40m;
# ssl_session_tickets on;
# Skip buffering for static files
sendfile on;
location /static/ {
access_log off;
add_header Cache-Control public;
add_header Pragma public;
add_header Vary Accept-Encoding;
expires 1m;
root /home/ubuntu/wokencrm;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
how to resolve this issue
use below NGiNX block to redirect www to non-www
server {
server_name www.platform.iamwoken.com;
return 301 $scheme://platform.iamwoken.com$request_uri;
}
Restart the nginx web-server and test the URL in browser. It will work as expected.
I have a WordPress site and trying to set up subdomains using Nginx and Let's Encrypt SSL to have prod and test environments.
For example:
prod site --> abc.com www.abc.com
dev site --> dev.abc.com
I have set up Nginx using this guide https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-on-centos-7.
My Server blocks look as following:
/site-available/abc.com.conf
server {
root /var/www/wordpress;
index index.php index.html index.htm;
server_name abc.com www.abc.com;
client_max_body_size 100M;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_connect_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_send_timeout 300s;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:30m;
ssl_session_timeout 15m;
ssl_session_tickets on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/abc.com/fullchain.pem;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s; # Cloudflare
resolver_timeout 5s;
ssl_certificate /etc/letsencrypt/live/abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/abc.com/privkey.pem; # managed by Certbot
}
server {
if ($host = www.abc.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = abc.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name abc.com www.abc.com;
return 404; # managed by Certbot
}
/site-available/dev.abc.com.conf
server {
root /var/www/dev.abc.com;
index index.php index.html index.htm index.nginx-debian.html;
server_name dev.abc.com;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_connect_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_send_timeout 300s;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:30m;
ssl_session_timeout 15m;
ssl_session_tickets on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dev.abc.com/fullchain.pem;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s; # Cloudflare
resolver_timeout 5s;
ssl_certificate /etc/letsencrypt/live/dev.abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dev.abc.com/privkey.pem; # managed by Certbot
}
I have successfully enabled A records on Cloudflare and Digital ocean for dev domain name.
Problem is, whenever I try to access dev.abc.com it is getting redirect to abc.com no matter what.
Then I tried to remove the abc.com.conf server block and tested, then it was working fine with dev.abc.com.conf; however, when I try to put both blocks together then this time it was only working on dev.abc.com.
I am not sure what I am missing in this Nginx configuration. I also have both SSL certificate to match the exact domains. I have exact Nginx configuration on Ubuntu server and its working fine for my another site.
I cannot access my site anymore using the ip address (or domain name). It always 404 Not Found I use Laravel Forge with Digital Ocean with Ubuntu 14.04.
Here's my sites-enabled/default nginx file
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/before/*; #That directory is empty
server {
listen 80;
server_name default;
root /home/forge/default/public;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/server/*; #That directory is empty
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/default/after/*; #That directory is empty
nginx.conf (Without commented lines)
user forge;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
On sudo service nginx restart my nginx/error.log only contains:
2016/03/24 15:25:07 [notice] 8416#0: signal process started
My nginx/default.log is empty.
Any clue of what I could look into?
It doesn't look like you defined the default server correctly - as per the Nginx docs, it should be
server {
listen 80 default_server;
server_name _; # This is just an invalid value which will never trigger on a real hostname.
...
}
Note the listen 80 default_server; in particular