Nginx rewrite to prevent PHP file direct access - nginx

I'm trying to setup some rewrites so that
(1) .com/images/* will load naturally
(2) .com/* will be rewritten to .com/loader.php?control=*
However the code below works perfectly except it will execute .com/config.php instead of rewriting it to .com/loader.php?control=config.php
How can I prevent my rewrite being overridden? I only want .php files to be executed if it's loader.php or in the images folder. (Been trying for hours)
server {
listen 80;
root /mnt/web/test_com/public_html;
server_name test.com;
index index.html index.php index.htm;
location ~ .php(.*)$ {
fastcgi_pass unix:/tmp/php-70-cgi.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $DOCUMENT_ROOT$fastcgi_script_name;
fastcgi_param PATH_INFO $2;
include fcgi.conf;
}
location / {
rewrite ^/(.*)$ /loader.php?control=$1 last;
}
location /images/ {
}
}
Thanks!

You should look into the try_files directive
Like the return and rewrite directives, the try_files directive is placed in a server or location block. As parameters, it takes a list of one or more files and directories and a final URI
Read the whole blog-post written on the nginx blog here:
https://www.nginx.com/blog/creating-nginx-rewrite-rules/

Related

Nginx load subpath as wordpress root

I'm trying to set up a Wordpress in a system that has another php application installed, using nginx as web server.
I've simplified my config file to the maximun. The following confi is serving one post of my blog:
server {
listen 80;
server_name blog.ct.com;
root /home/ff/www/blog/;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$uri&$args =405;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_buffer_size 128k;
fastcgi_buffers 64 32k;
fastcgi_busy_buffers_size 128k;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param APPLICATION_ENV development;
fastcgi_param HTTP_X_FORWARDED_PROTO https;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
}
But, due my system's requirements I need to serve the blog from within a sub path (In my final system http://blog.ct.com/ should be serving my custom php app and http://blog.ct.com/vendor should be serving the wordpress blog).
The local root directory from wordpress must be /home/ff/www/blog/ (this cannot be changed, while my custom app's directory is /home/ff/www/myapp/). So I think I need to reserve location / for my custom app, I have to create a location /vendor
If I add /vendor and I return 403 in / (just to debug easier), the browser says 405 (notice the =405 in /vendor, also to debug easier):
location /vendor {
try_files $uri $uri/ /index.php?$uri&$args =405;
}
location / {
return 403;
}
So I think nginx is going into location /vendor but is not finding my php script in /home/ff/www/blog/index.php so its returning the fallback 405.
Any idea why this could happen?
How can I achieve to load http://blog.ct.com/vendor as the root from wordpress but keeping http://blog.ct.com/ using another php script?
I've found out the following hints that gave me the clue to fix the problem (in case someone has the same problem than me, this may help)
Using location /path is not the same as using location ~(/path) (regex have different priority, so maybe they are not being checked in the order you think)
Adding error_log /your/path/log/error.log debug; to any location block may help you to see how is nginx serving every request (e.g. to location fastcgi, location \vendor, or the server{ block).
alias /var/www/path/vendor works different than root /var/www/path/vendor (check Nginx -- static file serving confusion with root & alias);
In case of the root directive, full path is appended to the root including the location part, whereas in case of the alias directive, only the portion of the path NOT including the location part is appended to the alias.
using rewrite with alias can help you parse the php file you want independent of the path
if (!-f $request_filename) {
rewrite ^ $document_root/index-wp.php last;
}
Take care of the SCRIPT_FILENAME you are using (check it with error_log, see above), maybe you need fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; but you are loading fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; so depending on your previous config you may be attaching the document root twice.
Two different configurations for fastcgi can be used if you change your index.php file names. E.g. location ~ wp\.php$ { will work with wp.php while location ~ \.php$ { will work with all other php files like index.php.

Difference between 2 methods rewrite in nginx

I'm migrating from Apache to nginx and need to convert massive httaccess file to nginx format.
I found 2 ways that work, which one should I use?
location = /test.html { rewrite ^(.*)$ /index.php?action=temp&name=test; }
or just
rewrite ^/test.html$ /index.php?action=temp&name=test;
I'm putting this all in the file (ez_rewrite_list.conf) and then include in the virtual.conf. Where should I put that file location wise? Does it matter? am I doing right? any tips
server {
listen 80;
server_name test.com;
location / {
root /var/www/com/mysite;
index index.php index.html index.htm;
}
include /etc/nginx/ez_conf/ez_rewrite_list.conf;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/com/mysite;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME document_root$fastcgi_script_name;
include fastcgi_params;
}
}
You've forgot to escape dot (.) in rewrite and they are not exactly the same.
Technically exact location should be a little faster than checking regexp for every request. Also you don't need to capture anything in rewrite inside the location, so I would use
location = /test.html {
rewrite ^ /index.php?action=temp&name=test;
}
But actually, you'll never see any difference.

symfony2, wordpress and nginx configuration

I have symfony2 on the main page, now i tried to install WordPress on the sub directory called blog.
I'm using nginx as web server with fastcgi. I tried to configure the it but i got the error 500.
Does anyone know how to set it up properly on nginx?
Thanks
rewrite ^(.*) /app_dev.php last;
Should probably be something like
rewrite ^(.*) /web/app_dev.php last;
You also probably rather want to use try_files like so, else your images, css, js assets won't be found. Something like
location / {
# try to serve file directly, fallback to rewrite
try_files $uri /web/$uri #rewrite;
expires 30d; ## Assume all files are cachable
location ~ \.php {
expires off;
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
fastcgi_param HTTPS on;
add_header X-Frame-Options "ALLOW-FROM https://www.youtube.com/" ;
}
}
location #rewrite {
rewrite ^/(.*)$ /web/app.php/$1 last;
}
location /blog {
//Wordpress routing here
}
Anyway that is how I'm doing it with Magento instead of Wordpress.

Short-circuit logic in Nginx conf (would like to override a location)

I have mediawiki installed. All is right in the world except for when I try to alias a external directory (webalizer web stats). I see that Nginx passes off the request to /usage/* to PHP/Mediawiki. I don't want that. I literally want everything under /usage/ to point to my alias and nothing else. Completely separate from Mediawiki code and functionality.
# in no way related to Mediawiki. I just want to serve this as static HTML.
location /usage {
alias /var/www/webalizer/wiki.longnow.org/;
}
# This answers to anything, which may be my problem
location / {
try_files $uri $uri/ #rewrite;
index index.php;
}
# A special rewrite to play nicely with Mediawiki
location #rewrite {
rewrite ^/(.*)$ /index.php?title=$1&$args;
}
# PHP, nom nom nom
location ~ \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_pass unix:/tmp/php-fastcgi.socket;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
I was hoping that listing the /usage location directive ahead of the rest would short-circuit the system, but I have been spoiled by Django ;)
To stop Nginx from processing further location directives, it should be prefixed by ^~.
I think you will still want a try_files falling back to a 404 response inside the location.
location ^~ /usage {
alias /var/www/webalizer/wiki.longnow.org/;
try_files $uri $uri/ =404;
}
See http://wiki.nginx.org/HttpCoreModule#location for reference.

Nginx: Setting a default file extension

What rule would I use for nginx so my default file extension is .php?
I currently access a pages using www.mywebsite.com/home.php but I want to just use www.mywebsite.com/home
Thanks
Assuming you also want to serve static files, you could use something like this:
server {
server_name example.com;
# Set the docroot directly in the server
root /var/www;
# Allow index.php or index.html as directory index files
index index.html index.php;
# See if a file or directory was requested first. If not, try the request as a php file.
location / {
try_files $uri $uri/ $uri.php?$args;
}
location ~ \.php$ {
# If the php file doesn't exist, don't pass the request to php, just return a 404
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass your_php_backend_address;
}
}

Resources