I currently have Rainloop working with mail.mydomain.com without issue. Now I want to install zpush and put rainloop as a alias, ex: mail.mydomain.com/rainloop and leave zpush as mail.mydomain.com (for the auto discovery). This is what I have so far
server {
server_name mail.mydomain.com;
root /var/www/zpush;
access_log /var/www/rainloop/logs/access.log;
error_log /var/www/rainloop/logs/error.log;
index index.php;
location / {
try_files $uri /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_index index.php;
# fastcgi_param HTTPS on;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_keep_conn on;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# Z-Push Ping command will be alive for 470s, but be safe
fastcgi_read_timeout 630;
}
location ~ /\.ht {
deny all;
}
location ^~ /data {
deny all;
}
location /Microsoft-Server-ActiveSync {
rewrite ^(.*)$ /index.php last;
}
location /rainloop {
alias /var/www/rainloop/;
index index.php;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mail.mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mail.mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/mail.mydomain.com/chain.pem; # managed by Certbot
ssl_stapling on; # managed by Certbot
ssl_stapling_verify on; # managed by Certbot
}
Not sure what I'm doing wrong or maybe I'm missing something? Keep getting the the 403
SOLVED IT: needed to create a symbolic link
ln -s /var/www/rainloop /var/www/zpush
Related
I have a working WordPress installation on an Apache server and wanted to migrate to an NGINX server on a VPS. I've copied all the files, set up the MSQL connection, etc. and everything seems to work fine except the published articles, which all give 404 errors. The admin area works fine, with no apparent problems.
The virtual server configuration is:
server {
if ($host = www.xxx.es) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name xxx.es www.xxx.es;
return 301 https://www.xxx.es$request_uri;}
server {
server_name xxx.es www.xxx.es;
root /home/www/xxx.es/html/;
index index.php;
#listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.xxx.es/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.xxx.es/privkey.pem; # managed byCertbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {return 404;}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
I have tried the solutions of other questions without success. Thanks for the help
Try to change your part:
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {return 404;}
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
to this one:
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
in sites-enabled file test.com.conf:
map $http_host $blogid {
default 0;
test.com 1;
}
server {
listen 5.187.1.93:80;
server_name test.com *.test.com;
root /home/fornex/wordpress;
access_log /var/log/nginx/test.com-access.log;
error_log /var/log/nginx/test.com-error.log;
include conf.d/restrictions.conf;
# include /home/fornex/wordpress/nginx.conf;
include conf.d/wordpress-mu.conf;
}
file site.com.conf:
server {
listen 5.187.1.93:80;
server_name site.com *.site.com;
return 301 https://$host$request_uri;
}
server {
listen 5.187.1.93:443 ssl;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_certificate /etc/letsencrypt/live/site.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site.com/privkey.pem;
server_name site.com *.site.com;
root /home/fornex/site.com;
index index.php;
client_max_body_size 7m;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /\. {
deny all;
}
location ~*\.(php)$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
when I open test.com(It should be a wordpress installation) - site.com opens. What is wrong? How can I make them separate sites? I searched a lot in WEB but didn't find anything that helps in my situation. Adding *.test.com didn't help.
I have a WordPress site and trying to set up subdomains using Nginx and Let's Encrypt SSL to have prod and test environments.
For example:
prod site --> abc.com www.abc.com
dev site --> dev.abc.com
I have set up Nginx using this guide https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-on-centos-7.
My Server blocks look as following:
/site-available/abc.com.conf
server {
root /var/www/wordpress;
index index.php index.html index.htm;
server_name abc.com www.abc.com;
client_max_body_size 100M;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_connect_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_send_timeout 300s;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:30m;
ssl_session_timeout 15m;
ssl_session_tickets on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/abc.com/fullchain.pem;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s; # Cloudflare
resolver_timeout 5s;
ssl_certificate /etc/letsencrypt/live/abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/abc.com/privkey.pem; # managed by Certbot
}
server {
if ($host = www.abc.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = abc.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name abc.com www.abc.com;
return 404; # managed by Certbot
}
/site-available/dev.abc.com.conf
server {
root /var/www/dev.abc.com;
index index.php index.html index.htm index.nginx-debian.html;
server_name dev.abc.com;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_connect_timeout 300s;
fastcgi_read_timeout 300s;
fastcgi_send_timeout 300s;
}
location ~ /\.ht {
deny all;
}
listen 443 ssl http2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384";
# Improve HTTPS performance with session resumption
ssl_session_cache shared:SSL:30m;
ssl_session_timeout 15m;
ssl_session_tickets on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/dev.abc.com/fullchain.pem;
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] valid=300s; # Cloudflare
resolver_timeout 5s;
ssl_certificate /etc/letsencrypt/live/dev.abc.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/dev.abc.com/privkey.pem; # managed by Certbot
}
I have successfully enabled A records on Cloudflare and Digital ocean for dev domain name.
Problem is, whenever I try to access dev.abc.com it is getting redirect to abc.com no matter what.
Then I tried to remove the abc.com.conf server block and tested, then it was working fine with dev.abc.com.conf; however, when I try to put both blocks together then this time it was only working on dev.abc.com.
I am not sure what I am missing in this Nginx configuration. I also have both SSL certificate to match the exact domains. I have exact Nginx configuration on Ubuntu server and its working fine for my another site.
I got a website with a main domain, and a subdomain. I use nginx. On the main domain I have https and not on the subdomain. However, https://sub.domain.com is serving the content of domain.com, with a browser warning
So far I tried to adjust my conf in nginx with no luck.
This is the nginx conf file for sub.domain.com:
server {
listen 80;
server_name sub.domain.com;
root /var/www/sub/;
index index.php;
access_log /var/log/nginx/sub_http_access.log combined;
error_log /var/log/nginx/sub_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
This is the nginx conf for domain.com:
upstream php-handler-http {
server 127.0.0.1:9000;
#server unix:/var/run/php5-fpm.sock;
}
server {
server_name domain.com;
root /var/www/html/;
index index.php;
# set max upload size
client_max_body_size 2G;
fastcgi_buffers 64 4K;
access_log /var/log/nginx/wordpress_http_access.log combined;
error_log /var/log/nginx/wordpress_http_error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args ;
}
location ~* \.(htaccess|htpasswd) {
deny all;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass php-handler-http;
fastcgi_read_timeout 60s;
}
# set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sub.domain.com) {
return 301 http://$host$request_uri;
}
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 443 ssl;
server_name 8.8.8.8;
return 301 $scheme://domain.com$request_uri;
}
I am expecting to not have the https://sub.domain.com serve main website content and have a 301 redirect to http://sub.domain.com
I'm new to using nginx. Up until now I was using as an hosting engine APACHE2, and because of it I have an issue with my website migration
here is my VHOST config file:
server {
root /var/www/html/domain_com/web/;
index index.php index.html index.htm;
server_name domain.com www.domain.com;
error_log /var/www/html/domain_com/log/error.log;
access_log /var/www/html/domain_com/log/nginx-access.log;
try_files $uri $uri/ /index.php?$args;
location ~* \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
}
include /var/www/html/domain_com/web/nginx.conf;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name domain.com www.domain.com;
return 404; # managed by Certbot
}
with config like this when I call the website it returns me error "too many redirects", but if I will add listen 80; at the top of first server block everything works just fine, but certbot while adding certs for next domain displays warning about that server name already exists and information that the warning was ignored.
what can i do, to solve this problem? :)
server {
listen 80;
server_name domain.com www.domain.com;
rewrite ^ https://$server_name$request_uri permanent;
}
server {
listen 443 ssl; # managed by Certbot
root /var/www/html/domain_com/web/;
index index.php index.html index.htm;
server_name domain.com www.domain.com;
error_log /var/www/html/domain_com/log/error.log;
access_log /var/www/html/domain_com/log/nginx-access.log;
try_files $uri $uri/ /index.php?$args;
location ~* \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
}
include /var/www/html/domain_com/web/nginx.conf;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}