NGINX on EC2 not loading sites enabled - nginx

I have deployed a Drupal site that was developed on DigitalOcean Ubuntu onto AWS EC2 Ubuntu. So essentially the directory structure and configuration files are copied from DigitalOcean VPS. But the site on DigitalOcean is accessible while that on AWS throws a ERR_CONNECTION_REFUSED error on the browser.
I have beenn trying for several hours and haven't found any reason why the AWS site doesn't load. There are no error and access log messages in /var/log/nginx
My /etc/nginx/nginx.conf has the following line so I am sure the configuration files in /etc/nginx/sites-enabled folder are being read by Nginx.
include /etc/nginx/sites-enabled/*.*;
The /etc/nginx/sites-enabled has sym links to /etc/nginx/sites-available directory and the /etc/nginx/sites-available/domain.conf contains the following
server {
listen subdomain.domain.biz;
server_name subdomain.domain.biz;
root /home/sridhar/public_html/domain/public;
keepalive_timeout 70;
access_log /home/sridhar/public_html/domain/log/access.log;
error_log /home/sridhar/public_html/domain/log/error.log;
# Enable compression, this will help if you have for instance advagg ^ modue# by serving Gzip versions of the files.
gzip_static on;
index index.php;
#index index.php index.html index.htm;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}
location ~ (^|/)\. {
return 403;
}
location / {
try_files $uri $uri/ #rewrite;
expires max;
}
location #rewrite {
rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
#fastcgi_pass unix:/tmp/phpfpm.sock;
fastcgi_pass 127.0.0.1:9000;
}
location ~ ^/sites/.*/files/styles/ {
try_files $uri $uri/ #rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
Is there any specific configuration that needs to be cariied out for AWS EC2? Or have I missed something.

Related

nginx: how to serve file from a subfolder of root?

My local dev env is configured on nginx as is
server {
listen 80;
server_name project.local;
root /var/www/project.local/public;
charset utf-8;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Questi due parametri sono fondamentali
# per le app Laravel
# => https://serverfault.com/a/927619/178670
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
The problem is only about a folder /fonts that is inside the root, at /var/www/project.local/fonts
Note: it's not my code, I inherited it... :(
Note 2: it's an old laravel 5.4 project
Actually when the website looks for fonts/some.file I got a 404, but the file is already here.
What should I change in nginx conf to allow serving /fonts/some.file from /var/www/project.local/fonts ?
Why actually is not working?
Fixed adding
location /fonts {
root /var/www/prod.revisions;
}

How to set up wordpress in subdir with php-fpm on unix socket?

I want to migrate my wordpress installation from apache to nginx. Actually everything is working (at least it seems so) but the rewriting of urls.
My setup:
php-fpm on unix instead tcp socket
wordpress installation in /var/www/blog/
ubuntu 12.04 lts
nginx 1.1.19
Following the nginx documentation for wordpress I tried to add
location /blog {
try_files $uri $uri/ /wordpress/index.php?$args;
}
location ~ \.php$ {
# ...
fastcgi_split_path_info ^(/blog)(/.*)$;
}
But this is still not working for me. Do you have any ideas?
# /etc/nginx/sites-enabled/default
server {
listen 80;
root /var/www/blog;
index index.php;
server_name 12.34.56.789; # server isn't connected with a domain for now
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { allow all; log_not_found off; access_log off; }
location ~ /\. { deny all; }
location ~* /(?:uploads|files)/.*\.php$ { deny all; }
location /blog {
try_files $uri $uri/ /blog/index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(/blog)(/.*)$;
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
also changed www.conf
# /etc/php5/fpm/pool.d/www.conf
# ...
listen = /var/run/php5-fpm.sock
# ...
php.ini changed cgi.fix_pathinfo
# /etc/php5/fpm/php.ini
# php.ini
# ...
cgi.fix_pathinfo=0
# ...

Nginx config is not case insensitive to image files

Images are only displaying if they have the correct case. These need to be case insensitive please see my config file.
The image I have having trouble with works at:
http://domain.com/sites/default/files/vimages/imagename.jpg
but not at
http://domain.com/sites/default/files/vimages/imagename.JPG
server {
listen 80;
server_name domain.com;
root /home/domain.com/www; ## <-- Your only path reference.
access_log /home/domain.com/logs/access.log;
error_log /home/domain.com/logs/error.log;
# Enable compression, this will help if you have for instance advagg‎ module
# by serving Gzip versions of the files.
gzip_static on;
gzip on;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# This matters if you use drush
location = /backup {
deny all;
}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri #rewrite;
}
location #rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
rewrite ^ /index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_read_timeout 180;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 52w;
add_header Cache-Control "max-age=31449600, no-transform, public";
log_not_found off;
}
# Catch image styles for D7 too.
location ~* ^/sites/.*/files/styles/ {
try_files $uri #rewrite;
}
location ~* /sites/.*/files/vimages/ {
try_files $uri #rewrite;
}
# Fighting with ImageCache? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ {
try_files $uri #rewrite;
}
}
Nginx is working against the filesystem and has no control over the name of the files when serving from a directory.
If you want case insensitive you need to do a rewrite.

Nginx + PHP-FPM Error: This Page is Temporarily Unavailble

I am trying to setup a Nginx / PHP-FPM server on my raspberry Pi (Debian) and I am having trouble getting the php to work correctly.
Text displayed on webpage: This Page is Temporarily Unavailble
I have checked the nginx logs and there are no errors being recorded.
This is my nginx.conf:
# Pi Nginx Config v0.1 10:53 30/01/2014
# NOTE: fastcgi is NOT php5-fpm
server {
listen 1080;
# server_name mysite.org;
charset utf-8;
access_log off;
root /var/www/cms;
index index.php;
location / {
try_files $uri $uri/ /index.php?id=$uri&$args;
}
location ~* /admin/.*\.php$ {
try_files $uri /admin/index.php?id=$uri&$args; # Try the admin index page
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location ~* \.php$ {
try_files $uri =404; # Try any .php files in root or throw a 404
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in /etc/php5/fpm/php.ini
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
expires 2h;
}
location ~* \.(?:ico|js|gif|jpg|png)$ {
expires 14d;
}
location ~* \.(htm|css|html)$ {
expires 2d;
}
# this blocks direct access to the XML files (but sitemap.xml) - that hold all the data
location ~* \.xml$ { deny all; }
location ~* \.xml\.bak$ { deny all; }
location = /sitemap.xml { allow all; }
# this prevents hidden files (beginning with a period) from being served
location ~ /\. { deny all; }
location ^~ /uploads/ {
if ($request_uri ~* \.php$) {return 403;}
}
}
I do not have enough experience to see anything wrong with this config. My server is on port 1080 and the server root is within the cms directory.
Any help would be greatly appreciated.

Dynamic root with subdomain not working with Nginx

I tried everything I could, I can not make it work.
I'd like to redirect my subdomains to a specific folder in my Debian server using NGinx, here's the configurations I tried :
server {
listen 8080;
server_name ~^(?<user>.+)\.example\.net$;
root /srv/www/example.net/$user;
}
=> error is :
Starting nginx: [emerg]: unknown "user" variable configuration file
/etc/nginx/nginx.conf test failed
(note: I also tried without the ^ as indicated here : Nginx server_name regexp not working as variable)
If I try this instead :
server {
listen 8080;
server_name *.example.net$;
root /srv/www/example.net/$1;
}
Error is on the request :
2013/08/20 15:38:42 [error] 5456#0: *6 directory index of
"/srv/www/example.net//" is forbidden, client: xxx.xxx.xxx.xxx, server:
*.example.net, request: "GET / HTTP/1.1", host: "test.example.net:8080"
Aka, $1 is empty !
The documentation is wrong then :
http://nginx.org/en/docs/http/server_names.html
Update:
This is working (taken from https://serverfault.com/questions/457196/dynamic-nginx-domain-root-path-based-on-hostname):
server {
server_name ~^(.+)\.example\.com$;
root /var/www/example.com/$1/;
}
BUT I'd like to display PHP Pages, and if I add the following in my server {}, the $1 is then empty (wtf?) :
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
deny all;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
server_tokens off;
try_files $uri $uri/ /index.php?$args;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_intercept_errors off;
fastcgi_send_timeout 30s;
fastcgi_read_timeout 30s;
}
I finally found the solution, and it's not so pretty.
In fact it was a mix of an old NGinx version (0.7.67, in Debian Squeeze) and some odd reaction (maybe from this version) of the NGinx configuration.
The following code works fine, but successful only in a NGinx version of 1.2.1 (it fails in 0.7.67, and not tested in other versions) :
map $host $username {
~^(?P<user>.+)\.example\.com$ $user;
}
server {
listen 80;
server_name *.example.com;
root /var/www/example.com/$username;
index index.php index.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make sure files with the following extensions do not get loaded by nginx because nginx would display the source code, and these files can contain PASSWORDS!
location ~* \.(engine|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
deny all;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location ~* \.(jpg|jpeg|png|gif|css|js|ico)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
server_tokens off;
try_files $uri $uri/ /index.php?$args;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_intercept_errors off;
fastcgi_send_timeout 30s;
fastcgi_read_timeout 30s;
}
}
This alternative also works (for newer PCRE versions) :
map $host $username {
~^(?<user>.+)\.example\.com$ $user;
}
I had to combine all found solutions to create my own working .conf This is my answer from similar question https://stackoverflow.com/a/40113553/1713660
server {
listen 80;
server_name ~^(?P<sub>.+)\.example\.com$;
root /var/www/$sub;
location / {
index index.php index.html;
}
}
The correct form is:
server {
listen 8080;
server_name ~^(?P<user>.+)\.example\.net$;
location / {
root /srv/www/example.net/$user;
}
}

Resources