in sites-enabled file test.com.conf:
map $http_host $blogid {
default 0;
test.com 1;
}
server {
listen 5.187.1.93:80;
server_name test.com *.test.com;
root /home/fornex/wordpress;
access_log /var/log/nginx/test.com-access.log;
error_log /var/log/nginx/test.com-error.log;
include conf.d/restrictions.conf;
# include /home/fornex/wordpress/nginx.conf;
include conf.d/wordpress-mu.conf;
}
file site.com.conf:
server {
listen 5.187.1.93:80;
server_name site.com *.site.com;
return 301 https://$host$request_uri;
}
server {
listen 5.187.1.93:443 ssl;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem;
server_name site.com *.site.com;
root /home/fornex/site.com;
index index.php;
client_max_body_size 7m;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /\. {
deny all;
}
location ~*\.(php)$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
when I open test.com(It should be a wordpress installation) - site.com opens. What is wrong? How can I make them separate sites? I searched a lot in WEB but didn't find anything that helps in my situation. Adding *.test.com didn't help.
Related
I know that there's a lot of similar questions here, but none of them didn't help me, so here's my problem.
I need to redirect all requests from my server ip to my domain.
I tried the return 301 method, it kinda worked, but got me "Too many redirects error".
It wasn't me who wrote the config originally and I'm afraid to break it, it's a live server, so I don't have much time to test things.
Here's my config:
server {
listen xxx.xxx.xxx.xxx:443 ssl;
index index.php;
server_name example.com;
error_log /var/log/nginx/error_example_com.log;
access_log /var/log/nginx/access_example_com.log;
root /var/www/prod/frontend/web;
client_max_body_size 50m;
ssl on;
ssl_certificate /var/lib/dehydrated/certs/example.com/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/example.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1.2;
ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:RSA+3DES:!NULL:!RC4;
add_header Strict-Transport-Security "max-age=31536000";
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /images {
alias /var/www/prod/frontend/web/images;
}
location /assets {
expires 1d;
}
location /upload {
expires 1d;
alias /var/www/prod/frontend/web/uploads;
}
location /plugins/Global/scripts {
alias /var/www/prod/frontend/web/js2;
}
location /plugins/Global/images {
alias /var/www/prod/frontend/web/images;
}
location /plugins/Global/css {
alias /var/www/prod/frontend/web/css;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/comn/php/php7.3-fpm.sock;
}
location /.well-known/acme-challenge {
alias /var/lib/dehydrated/acme-challenges;
}
}
server {
listen 443 ssl;
ssl_certificate /var/lib/dehydrated/certs/example.com/fullchain.pem;
ssl_certificate_key /var/lib/dehydrated/certs/example.com/privkey.pem;
server_name www.example.com;
location / {
return 301 https://example.com$request_uri;
}
location ~ /.git/ {
deny all;
}
}
server {
listen xxx.xxx.xxx.xxx:80;
location / {
return 301 https://example.com$request_uri; # enforce https
}
location /.well-known/acme-challenge {
alias /var/lib/dehydrated/acme-challenges;
}
}
Redirecting from http://xxx.xxx.xxx.xxx to https://example.com works just fine, but I can't figure out how to get https redirecting working. What am I missing?
Also there's an admin panel to this site, it's config stored in another file, not sure if it has to be posted as well.
Strangely adding this on top of my config worked, where even default_server was ignored..
server {
listen 443 ssl http2;
server_name example.com;
return 301 https://example.com$request_uri;
}
Still not sure what is wrong with my setup, but at least it's working now.
nginx/1.14.2
server {
listen 80;
server_name www.21cl.ca 21cl.ca;
return 301 https://21cl.ca$request_uri;
}
server {
server_name 21cl.ca;
listen 443 ssl http2;
ssl_certificate /srv/ssl/2100computerlane_net.crt;
ssl_certificate_key /srv/ssl/21ca.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
access_log /srv/www/www.2100computerlane.net/logs/access.log;
error_log /srv/www/www.2100computerlane.net/logs/error.log;
root /srv/www/www.2100computerlane.net/public_html;
location / {
index index.html index.htm index.php;
autoindex on;
autoindex_exact_size off;
}
location ~* \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
}
http://www.21cl.ca is being forwarded to https://www.21cl.ca not https://21cl.ca like instructed.
Note this works fine when I do it with my dot net and dot com domains.
I think it has been cached in the browser try it in private or incognito window, It is redirecting properly for me
when i click on this link for example: http://debian.local/cgi-bin/hobbitcolumn.sh?bbgen it download the .sh file instead of show it.
i tried to put fastcgi_ params in location ^~ /hobbit but still not working.
could you help me please
thanks
here is my sites-available/debian.local.conf:
# /etc/nginx/sites-available/debian.local.conf
# HTTP server
server {
listen 80; ## listen for ipv4; this line is default and implied
#listen [::]:80 default_server ipv6only=on; ## listen for ipv6
# Make site accessible from http://localhost/
server_name debian.local localhost ;
# On redirige toutes les requĂȘtes vers HTTPS
#rewrite ^ https://$server_name$request_uri? permanent;
location ^~ /glpi {
root /home/cedric/web;
index index.php;
location ~ /glpi(/.*\.php) {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
}
}
location ^~ /hobbit {
alias /usr/lib/hobbit/server/www/ ;
index index.html ;
}
location /cgi-bin/ {
alias /usr/lib/hobbit/cgi-bin/;
}
location /cgi-secure/ {
alias /usr/lib/hobbit/cgi-secure/ ;
}
}
server {
listen 443 ssl;
server_name debian.local localhost ;
root html;
index index.html index.htm;
# Use a self-signed certificate to ensure
# secure connexion to phpmyadmin
ssl_certificate debian.local.crt;
ssl_certificate_key debian.local.key;
ssl_session_timeout 5m;
# Access only latest browsers
ssl_protocols TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
try_files $uri $uri/ =404;
}
location /zabbix {
if ($scheme ~ ^http:){
rewrite ^(.*)$ https://$host$1 permanent;
}
alias /usr/share/zabbix;
index index.php;
error_page 403 404 502 503 504 /zabbix/index.php;
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
expires epoch;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location ~ \.(jpg|jpeg|gif|png|ico)$ {
access_log off;
expires 33d;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
## Xcache admin pages
location /xcache {
alias /usr/share/xcache/;
try_files $uri $uri/ /index.php;
location ~ ^/xcache/(.+\.php)$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
}
this is what appear instead of the web page:
#!/bin/sh QS="${QUERY_STRING}" QUERY_STRING="db=columndoc.csv&key=${QS}" export QUERY_STRING . /usr/lib/hobbit/server/etc/hobbitcgi.cfg exec /usr/lib/hobbit/server/bin/bb-csvinfo.cgi $CGI_HOBBITCOLUMN_OPTS
You should use the default_type directive in the interested location, for example:
location /cgi-bin/ {
alias /usr/lib/hobbit/cgi-bin/;
default_type text/plain;
}
I made it work.
This helped me: https://www.howtoforge.com/serving-cgi-scripts-with-nginx-on-debian-squeeze-ubuntu-11.04-p3
i intalled Fcgiwrap and edited my sites-available/debian.local.conf like this:
location /cgi-bin/ {
# Disable gzip (it makes scripts feel slower since they have to complete
# before getting gzipped)
gzip off;
# Set the root to /usr/lib (inside this location this means that we are
# giving access to the files under /usr/lib/cgi-bin)
alias /usr/lib/hobbit/cgi-bin/;
# Fastcgi socket
fastcgi_pass unix:/var/run/fcgiwrap.socket;
# Fastcgi parameters, include the standard ones
include /etc/nginx/fastcgi_params;
# Adjust non standard parameters (SCRIPT_FILENAME)
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Thanks.
So, I want to secure only the login and admin part of my website. The problem is that the admin uses some common static files that are used on the general site as well. This means that when I am in the admin those files should be served over https while when I am on the general site they should be served as http.
How can I configure nginx to behave this way?
The configuration I use so far is bellow:
server {
listen 80;
server_name site.com www.site.com;
root /home/site_folder/web;
index index.php;
location ~ /(get-involved|contribute|api) {
return 301 https://$server_name$request_uri;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME /home/site_folder/web/index.php;
}
location / {
root /home/site_folder/web;
if (-f $request_filename) {
expires max;
break;
}
try_files $uri $uri/index.php;
rewrite ^(.*) /index.php last;
}
}
server {
listen 443 ssl;
ssl_certificate path_to_ssl.crt;
ssl_certificate_key path_to_key.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name site.com www.site.com;
root /home/site_folder/web;
index index.php;
location ~ /(get-involved|contribute|api) {
root /home/site_folder/web;
if (-f $request_filename) {
expires max;
break;
}
try_files $uri $uri/index.php;
rewrite ^(.*) /index.php last;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME /home/site_folder/web/index.php;
}
location / {
return 301 http://$server_name$request_uri;
}
}
I'm very new to nginx, so forgive me if my explanations are off. I'll do my best to explain what I am trying to achieve.
Using WordPress and nginx, I would like user accounts to be mapped to a subdomain of the main domain. For example, if the user creates an account called "sample", the subdomain for that user would be sample.example.com.
When the user goes to sample.example.com, the subdomain should be mapped to example.com/sample/. Similarly, if a user visits sample.example.com/account/, it should map to example.com/sample/account/, and so on and so forth. It should be noted that the example.com/sample/ URLs are rewrites of this type of structure: example.com/index.php?user=sample.
There are also a few reserved subdomains that should not be redirected, such as cdn and admin. They should be ignored by these rules if they are requested.
How can I achieve this automatically when a user creates an account? The goal here is automation - set it up once correctly and not worry about it. Since I have literally just started working with nginx a few days ago, I'm not sure where to start at all. Any advice to move me in the right direction would be incredibly helpful. Here is my current config file for the domain:
server {
listen 80;
server_name www.example.com;
rewrite ^(.*) $scheme://example.com$1 permanent;
}
server {
listen 443 ssl;
server_name www.example.com;
rewrite ^(.*) $scheme://example.com$1 permanent;
}
server {
listen 80;
server_name example.com;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public/index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443 ssl;
ssl on;
keepalive_timeout 70;
server_name example.com;
ssl_certificate ssl/example.com.chained.crt;
ssl_certificate_key ssl/example.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public/index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/example.com/public$fastcgi_script_name;
include fastcgi_params;
}
}
I understand that what I am trying to achieve probably needs to go into the /etc/nginx/nginx.conf file if I want it to be automated, and I am actively trying to learn how to achieve this. I'm just stuck where I am at now and am looking for any advice/help that would point me in the right direction. I'm eager to learn!
ANSWER
After days of searching, tweaking, and configuring, I've gotten down the code needed to map subdomains to URLs exactly like in my example. Here is my vhost for example.com: https://gist.github.com/thomasgriffin/4733283
server {
listen 80;
listen 443 ssl;
server_name ~^(?<user>[a-zA-Z0-9-]+)\.example\.com$;
location / {
resolver 8.8.8.8;
rewrite ^([^.]*[^/])$ $1/ permanent;
proxy_pass_header Set-Cookie;
proxy_pass $scheme://example.com/user/$user$request_uri;
}
}
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 80;
server_name example.com;
access_log /var/www/example.com/logs/access.log;
error_log /var/www/example.com/logs/error.log;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443 ssl;
ssl on;
keepalive_timeout 70;
server_name example.com;
ssl_certificate ssl/example.com.chained.crt;
ssl_certificate_key ssl/example.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
root /var/www/example.com/public;
index index.php;
location / {
try_files $uri $uri/ #wordpress /index.php?q=$request_uri;
}
location #wordpress {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
}
# Pass the PHP scripts to FastCGI server listening on UNIX sockets.
#
location ~ \.php$ {
try_files $uri #wordpress;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
The main chunk of the mapping is done in the first server block. I'm targeting any subdomain (I will have already weeded out restricted subdomains with other non-relevant code) and rewriting it to ensure that it has a trailing slash to avoid any internal redirects by WordPress for URLs without a trailing slash. From there, the resolver directive is required to resolve URLs defined in proxy_pass, so I am resolving with Google's DNS. I'm also using the proxy_pass_header directive to send over cookies in order to keep WordPress login authentication in tact. proxy_pass defines the URL to map to.
It should also be noted that if you want to use login authentication as well with subdomains, you need to define your custom cookie domain in wp-config.php like this:
define('COOKIE_DOMAIN', '.example.com');
And that should be it. You can now enjoy URLs like subdomain.example.com that map to example.com/user/subdomain/ or whatever you want. From there, you can utilize WordPress' Rewrite API to map the mapped URL to specific query args that can be sent to $wp_query for loading custom templates, etc.
the following should do it:
server {
listen 80; listen 443;
server_name *.example.com;
if ($host ~ "^(.*)\.example\.com$" ) { set $subdomain $1;}
rewrite ^ $scheme://example.com/$subdomain/$request_uri permanent;
}
(as an aside: the regex ^ matches all url's the most efficiently, and the standard nginx variable $request_uri holds the uri including arguments so you don't need the (.*) group in the rewrite)
additionally add a second serverblock for the domains you don't want redirected:
server {
listen 80; listen 443;
server_name cdn.example.com admin.example.com;
# do whatever with the requests of the reserved subdomains;
}
I think .htaccess is not working with nginx.
I use Nginx As Reverse Proxy Server port 80 and Apache as web server
HERE