i try to configure my Prestashop with nginx.
Everything works except the categories. I have some friendly URL Rewrite:
{categories:/}{rewrite}/
Like: myurl.com/fuellmaterial/
Nginx give me a 404 for that category sites. The problem is that the server add "index.html" to the url, i can see that in the error.log
Error 404 GET /fuellmaterial/ HTTP/1.1 SSL/TLS-Zugriff für nginx
Error 15130#0: *1295 "/var/www/vhosts/myurl.com/httpdocs/fuellmaterial/index.html" is not found (2: No such file or directory) nginx-Fehler
How can i remove that index.html for categories? Any Ideas?
thanks
This configuration should work as it is on our PHP 7 / Nginx / Presta 1.6 production configuration, don't forget to uncomment and edit for your needs like SSL configuration :
server {
listen *:80;
#listen *:443 ssl;
#ssl_certificate /root/etc/letsencrypt/live/www.domain.tld/fullchain.pem;
#ssl_certificate_key /root/etc/letsencrypt/live/www.domain.tld/privkey.pem;
server_name www.domain.tld;
access_log /var/log/nginx/www.domain.tld.access.log;
error_log /var/log/nginx/www.domain.tld.error.log;
root /var/www/www.domain.tld;
index index.html index.htm index.php;
client_max_body_size 60M;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 600;
fastcgi_send_timeout 600;
fastcgi_read_timeout 600;
rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
rewrite ^/([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$1$2$3.jpg last;
rewrite ^/([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
rewrite ^/([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
rewrite ^/c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2$3.jpg last;
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$ /img/c/$1$2.jpg last;
rewrite ^/images_ie/?([^/]+)\.(jpe?g|png|gif)$ /js/jquery/plugins/fancybox/images/$1.$2 last;
try_files $uri $uri/ /index.php$is_args$args;
error_page 404 /index.php?controller=404;
#ssl_session_timeout 24h;
#ssl_session_cache shared:SSL:10m;
#ssl_dhparam /etc/ssl/dhparam.pem;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:RSA+3DES:AES128-SHA:!ADH:!AECDH:!MD5;
#ssl_prefer_server_ciphers on;
#ssl_stapling on;
#ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=31536000;
resolver 127.0.0.1;
location ~* \.(eot|ttf|woff|eof|woff2|css|js|jsonp|jpg|jpeg|gif|png|ico|svg|webm|mp3|mp4)$ {
add_header Access-Control-Allow-Origin *;
# ~ 10 Days
expires 604800s;
}
location ~ \.tpl {
deny all;
}
location ~ [^/]\.php(/|$) {
fastcgi_index index.php;
include fcgi.conf;
# depending on version, could be : include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Related
I want to apply rewrite /author/xxx to /index.php?author_name=xxx
rewrite ^/author/(.*)/$ /index.php?author_name=$1;
When I apply code, browser url looks like that :
http://www.site-name.com/?author_name=xxx
I want url will look like :
http://www.site-name.com/author/xxx but it will rewrite index.php?author_name=xxx
Any idea to fix it?
My Nginx conf file is below :
server {
server_name site-name.com;
rewrite ^(.*) http://www.site-name.com$1 permanent;
listen 8080;
}
server {
listen 8080;
access_log off;
# access_log /home/www.site-name.com/logs/access_log;
error_log on;
# error_log /home/www.site-name.com/logs/error.log;
#add_header X-Frame-Options SAMEORIGIN;
#add_header X-Frame-Options "ALLOW-FROM https://www.site-name.xyz";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
root /home/www.site-name.com/public_html;
include /etc/nginx/conf/ddos2.conf;
# include /etc/nginx/conf/cors.conf;
index index.php index.html index.htm;
server_name www.site-name.com;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
rewrite ^/author/(.*)/$ /index.php?author_name=$1;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
fastcgi_connect_timeout 250;
fastcgi_send_timeout 250;
fastcgi_read_timeout 250;
fastcgi_buffer_size 256k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME /home/www.site-name.com/public_html$fastcgi_script_name;
}
include /etc/nginx/conf/drop.conf;
}
Your rewrite looks OK: From extern you can use /author/... and internally it will use index.php?....
I suppose you also want to redirect index.php?... to the nice path:
rewrite ^/author/([^/]*)/?$ /index.php?author_name=$1 break;
rewrite ^/index.php$ https://www.example.com/author/$arg_author_name/ redirect;
root /var/www/html/;
fastcgi_index index.php;
fastcgi_pass php;
include fastcgi_params;
I just made the switch to Nginx after years of using apache. I am in the process of switching everything over but I am having one hell of a time doing so. My current issue is with nagios. I can access nagios but the cgi portion of it does not appear to be working, I just get garbled output. I am also not being prompted for username/password when accessing it which is a bit concerning.
I am also running owncloud on my webserver which seems to be working properly. Here is my configuration. Any help would be greatly appreciated.
upstream php-handler {
server 127.0.0.1:9000;
}
server {
listen 80;
server_name www.<my_server>.com;
return 301 https://$server_name$request_uri;
}
#SSL Configuration
server {
listen 443 ssl;
server_name www.<my_server>.com;
ssl_certificate /etc/letsencrypt/live/www.<my_server>.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.<my_server>.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
include /etc/nginx/default.d/*.conf;
root /mnt/Webserver/html;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# ownCloud blacklist
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
error_page 403 = /owncloud/core/templates/403.php;
}
location / {
index index.html;
}
location /owncloud/ {
error_page 403 = /owncloud/core/templates/403.php;
error_page 404 = /owncloud/core/templates/404.php;
rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;
# The following rules are only needed with webfinger
rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;
try_files $uri $uri/ index.php;
}
# Optional: set long EXPIRES header on static assets
location ~* ^/owncloud(/.+\.(jpg|jpeg|gif|bmp|ico|png|css|swf))$ {
expires 30d;
access_log off; # Optional: Don't log access to assets
}
#Nagios
location /nagios {
alias /usr/share/nagios;
auth_basic "Nagios Access";
auth_basic_user_file /etc/nagios/htpasswd.users;
index index.php;
autoindex off;
}
location ~ ^/nagios/(.*\.php)$ {
auth_basic "Nagios Restricted Access (via nginx)";
auth_basic_user_file /etc/nagios/passwd;
root /usr/share/nagios/;
rewrite ^/nagios/(.*) /$1 break;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/share/nagios$fastcgi_script_name;
fastcgi_pass php-handler;
}
location ~ ^/nagios/(.*\.cgi)$ {
auth_basic "Nagios Restricted Access (via nginx)";
auth_basic_user_file /etc/nagios/passwd;
root /usr/lib64/nagios/cgi;
rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
include /etc/nginx/fastcgi_params;
fastcgi_param AUTH_USER $remote_user;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param SCRIPT_FILENAME /usr/lib64/nagios/cgi$fastcgi_script_name;
fastcgi_pass php-handler;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
}
Any help would be greatly appreciated.
I figured it out. Here is my new configuration. Thanks.
upstream php-handler {
server 127.0.0.1:9000;
}
server {
listen 80;
server_name www.<my_server>.com;
return 301 https://$server_name$request_uri;
}
#SSL Configuration
server {
listen 443 ssl;
server_name www.<my_server>.com;
ssl_certificate /etc/letsencrypt/live/www.<my_server>.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.<my_server>.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
include /etc/nginx/default.d/*.conf;
root /mnt/Webserver/html;
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# ownCloud blacklist
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
error_page 403 = /owncloud/core/templates/403.php;
}
location / {
index index.html;
}
location /owncloud/ {
error_page 403 = /owncloud/core/templates/403.php;
error_page 404 = /owncloud/core/templates/404.php;
rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;
# The following rules are only needed with webfinger
rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;
try_files $uri $uri/ index.php;
}
# Optional: set long EXPIRES header on static assets
location ~* ^/owncloud(/.+\.(jpg|jpeg|gif|bmp|ico|png|css|swf))$ {
expires 30d;
}
#Nagios
location /nagios {
alias /usr/share/nagios;
auth_basic "Nagios Restricted Access (via nginx)";
auth_basic_user_file /etc/nginx/.htpasswd;
index index.php;
autoindex off;
}
location ~ ^/nagios/(.*\.php)$ {
root /usr/share/nagios/;
rewrite ^/nagios/(.*) /$1 break;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /usr/share/nagios$fastcgi_script_name;
fastcgi_pass php-handler;
}
location ~ ^/nagios/(.*\.cgi)$ {
root /usr/lib64/nagios/cgi;
rewrite ^/nagios/cgi-bin/(.*)\.cgi /$1.cgi break;
include /etc/nginx/fastcgi_params;
fastcgi_param AUTH_USER $remote_user;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param SCRIPT_FILENAME /usr/lib64/nagios/cgi$fastcgi_script_name;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
}
I have a VPS Ghost installation, which runs on nginx. I have created an SSL certificate for it and everything works well, apart from the fact that all http://subdomain.example.com always redirect back to my main https://example.com when using HTTP.
However, if I visit https://subdomain.example.com, it doesn't redirect back to example.com. I want to make sure that when my users visit *.example.com, they don't redirect back to the main domain, regardless of whether they are using HTTP/S.
The reason behind this is because I'm trying to set up ownCloud on a subdomain of its own and can only access it currently by example.com/cloud.
I've spent many hours configuring the conf files on nginx, please help!
Here are my two nginx config files -
For the main domain:
server {
listen 80;
server_name notepad.li;
ssl_certificate /etc/letsencrypt/live/notepad.li/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notepad.li/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name notepad.li;
root /var/www/ghost/;
ssl_certificate /etc/letsencrypt/live/notepad.li/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/notepad.li/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
client_max_body_size 200M;
location ~ /.well-known {
allow all;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
}
location /robots.txt {
alias /var/www/notepad/robots.txt;
}
rewrite ^/cloud$ /cloud/ redirect;
rewrite ^/cloud/$ /cloud/index.php;
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
location /cloud/ {
alias /var/www/owncloud/;
location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ {
deny all;
}
location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
}
location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
# note: ~ has precendence over a regular location block
# Accept URLs like:
# /cloud/index.php/apps/files/
# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
# /cloud/remote.php/webdav/yourfilehere...
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/owncloud/$2;
fastcgi_param SCRIPT_NAME $1$2;
fastcgi_param PATH_INFO $3;
fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
fastcgi_param MOD_X_ACCEL_REDIRECT_PREFIX /owncloud-xaccel;
fastcgi_read_timeout 630;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
client_max_body_size 1G;
fastcgi_buffers 64 4K;
}
location ^~ /owncloud-xaccel/ {
# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. ownCloud sends the full file
# path on disk as a subdirectory under this virtual path.
# We must only allow 'internal' redirects within nginx so that the filesystem
# is not exposed to the world.
internal;
alias /;
}
location ~ ^/((caldav|carddav|webdav).*)$ {
# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
# Properly proxying like this seems to work fine.
proxy_pass https://127.0.0.1/cloud/remote.php/$1;
}
rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;
}
For the subdomain:
upstream php-handler {
server unix:/run/php/php7.0-fpm.sock;
}
server {
listen 80;
server_name box.notepad.li;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name box.notepad.li;
ssl_certificate /etc/letsencrypt/live/box.notepad.li/fullchain.crt;
ssl_certificate_key /etc/letsencrypt/live/box.notepad.li/privkey.key;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /var/www/owncloud/;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
rewrite ^/.well-known/caldav /remote.php/dav/ permanent;
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location / {
rewrite ^/remote/(.*) /remote.php last;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}
}
I have copied/pasted + modified nginx configuration code, regarding ownCloud. I checked everything and it seems fine. What am I doing wrong? Why can I not access http://subdomain.example.com without it being redirected to https://example.com?
As always, I forgot to triple-check my nginx core files. As pointed out in the comments, I forgot to include the include sites-enabled; in nginx.conf and then create a symlink for my new subdomain config in that folder.
Thanks again!
We're running a Wordpress site on a Nginx server, I am now trying to install Piwik there in the /stats folder.
This is the default Nginx configuration that came with the install, I added the "/stats" block myself, but it doesn't work - it gets rendered by WordPress whenever I go to mysite.com/stats instead of going to that folder.
Desired behavior would be that the /stats subdirectory (and all files and directories in it) is just parsed by PHP as would be on a default install without Nginx rules
Any clue what I'm missing?
server_name _;
port_in_redirect off;
client_header_buffer_size 4k;
client_body_buffer_size 128k;
client_max_body_size 16m;
root /var/www/html;
index index.html index.php;
charset utf-8;
log_not_found off;
gzip_static on;
gzip_types text/css application/javascript text/xml;
gzip_vary on;
gzip on;
# redirect server error pages to the static page /50x.html
#
error_page 500 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location #rewrite {
rewrite ^.*$ /index.php?$args;
}
error_page 404 #rewrite;
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# WP Multisite rewrites
rewrite /([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*) /$2 last;
rewrite /([_0-9a-zA-Z-]+/)?(.*\.php)$ /$2 last;
location / {
try_files $uri $uri.gz $uri/ #rewrite;
}
location ~ \.sql$ {
rewrite ^.*$ /index.php?$args;
}
# We do not want to run php from wp uploads
location ~* /(?:uploads|files)/.*\.php$ {
rewrite ^.*$ /index.php?$args;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
}
location /stats {
try_files $uri $uri/ /index.php?$args;
index index.php;
}
location = /favicon.ico {
access_log off;
expires 2w;
add_header Cache-Control public;
try_files $uri #rewrite;
}
location ~* \.(js|css|jpg|jpeg|png|gif|ico|woff|woff2|ttf|otf|eot|pdf|xml|mp4|ogg|mp3|mov|wmv|avi|cur|rtf|txt|swf)$ {
add_header Cache-Control public;
add_header Access-Control-Allow-Origin *;
expires 2w;
try_files $uri $uri.gz;
}
The rules for multi-site WordPress, particularly this one: rewrite /([_0-9a-zA-Z-]+/)?(.*\.php)$ /$2 last; will redirect any /stats/index.php URI back to WordPress's /index.php.
If you are not using a multi-site WordPress, you can safely delete the redundant rewrite rules.
If you are using a multi-site WordPress, some redesign is required.
I have a project set up on Nginx running on Symfony2 with Wordpress blog in it. Wordpress blog is inside web/ in Symfony2. Some things on the blog doesn't work (for example infinite 302 on wp-admin and some CSS issues). Can someone show me how proper config file for this setup should look like?
Mine looks like this:
server {
listen 80;
server_name project.com *.project.com;
return 301 https://www.project.com$request_uri;
root /usr/share/nginx/html/project.com/web;
error_log /var/log/nginx/project.error.log;
access_log /var/log/nginx/project.access.log;
client_max_body_size 12M;
# strip app.php/ prefix if it is present
#rewrite ^/app\.php/?(.*)$ /$1 permanent;
location / {
index app.php;
try_files $uri #rewriteapp;
if ($http_host ~ "^[^.]+\.[^.]+$"){
rewrite ^(.*)$ https:%1://www.$http_host$request_uri redirect;
}
}
location #rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ .php {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}
server {
listen 443;
ssl on;
ssl_certificate /etc/nginx/ssl/www.project.com/project-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/www.project.com/project.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !MEDIUM";
ssl_dhparam dh4096.pem;
server_name project.com *.project.com;
root /usr/share/nginx/html/project.com/web;
error_log /var/log/nginx/project.error.log;
access_log /var/log/nginx/project.access.log;
client_max_body_size 12M;
# strip app.php/ prefix if it is present
rewrite ^/app\.php/?(.*)$ /$1 permanent;
location / {
index app.php;
try_files $uri #rewriteapp;
if ($http_host ~ "^[^.]+\.[^.]+$"){
rewrite ^(.*)$ https:%1://www.$http_host$request_uri redirect;
}
}
location /blog/wp-admin/ {
index index.php;
# #try_files $uri #rewriteindex;
# try_files $uri $uri/ /index.php?$args;
}
#location #rewriteindex {
# rewrite ^(.*)$ /blog/wp-admin/index.php/$1 last;
#}
location #rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ .php {
#fastcgi_pass 127.0.0.1:9000;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
location .(js|jpg|png|css)$ {
root /usr/share/nginx/html/project.com/web;
expires 30d;
}
}
This config file is just a mess. It might be better just to start from scratch but I'm not sure how I should handle the Wordpress part inside web/blog/
location ~ /blog {
proxy_pass http://your_wp_server_url;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
and define in a new site enabled file in nginx the server for wordpress:
server{
server_name your_wp_server_url;
root path_to_wordpress;
.
.
.
}