My nginx configuration:
location ~(\d*?)-(\d*?).news.html{
try_files $uri $uri/ /controller/news.php?id=$2&count=$3;
}
location ~/(\d*?)-(\d*?).journal.html {
try_files $uri $uri/ /controller/journal.php?id=$1&count=$2;
}
location ~/(\d*?)-(\d*?).event.html{
try_files $uri $uri/ /controller/event.php?id=$1&count=$2;
}
location ~ /news.php$ {
fastcgi_cache my_cache;
fastcgi_cache_key $scheme$host$request_uri$request_method;
#cache for 2 hours
fastcgi_cache_valid 200 2h;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /journal.php$ {
fastcgi_cache my_cache;
fastcgi_cache_key $scheme$host$request_uri$request_method;
#cache for 1 day
fastcgi_cache_valid 200 1d;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /event.php$ {
fastcgi_cache my_cache;
fastcgi_cache_key $scheme$host$request_uri$request_method;
#cache for 5 hours
fastcgi_cache_valid 200 5h;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.php$ {
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
I have three (or more) locations with html url redirected to corresponding php script, and with different fastcgi_cache_valid time.
So that I need to add totally six location routes to handle such logic. But at the bottom, a php location route without caching is needed for other php scripts.
However, all php location route have the nearly same attributes. How can it be shared among all php location route? Or is there any other shorter way to achieve the same mechanism?
I guess you at least can move this code to external file
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
and replace it by something like...
include /path/to/php4fpm-nginx-fastcgi.conf;
Location parsing also looks replaceable
location ~(\d*?)-(\d*?).news.html{
try_files $uri $uri/ /controller/news.php?id=$2&count=$3;
}
location ~/(\d*?)-(\d*?).journal.html {
try_files $uri $uri/ /controller/journal.php?id=$1&count=$2;
}
location ~/(\d*?)-(\d*?).event.html{
try_files $uri $uri/ /controller/event.php?id=$1&count=$2;
}
with
location ~(\d*?)-(\d*?).(news|journal|event).html{
# note it has changed order for vars.
try_files $uri $uri/ /controller/$3.php?id=$1&count=$2;
}
I would go even deeper and use set $var "value" in conditions and then reuse code, but let it be your homework.
Related
I'm not getting through this.
My server is app.local and I need to respond to:
http://app.local/api/v1/
I need to configure my nginx to serve files placed in:
/app/api/code
So the filesystem is not reflecting the http request form.
CURRENT VERSION
server {
server_name app.local;
index index.php;
location /api/v1 {
alias /app/api/v1/code;
try_files $uri /api/v1/index.php$is_args$args;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass api-v1-php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
}
Ok, if I remove the outer try_files it seems to find the index.php, BUT i lose some functionality (I need to redirect every path to the index handler). How can I solve this? Is this a bug?
SOLUTION
This post had the solution: https://stackoverflow.com/a/35102259/2373113
UPDATED VERSION
server {
server_name app.local;
index index.php;
location /api/v1/ {
alias /app/api/v1/code/;
try_files $uri $uri/ /api/v1//api/v1/index.php$is_args$args;
location ~ /api/v1/.+\.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass api-v1-php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
}
I want to make my wordpress admin directory/files accessible only from my IP white list.
I want the list to be in other conf file because the list has more than 200 IPs.
Here is my default.conf. I use docker-compose.
server {
listen 80;
server_name 127.0.0.1;
root /var/www/html;
index index.php;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location ~* /wp-login\.php|/wp-admin/((?!admin-ajax\.php).)*$ {
include /etc/nginx/conf.d/allowip.conf;
deny all;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
result...
I am in the white list and when I access to mysite.com/wp-admin, my browser download the actual php files.
plus, I just realized no matter if you 'include' the allowip.conf or not, the setting in allowip.conf is active.
My question
How do you apply a white list in a separate file to a certain directory?
try this
server {
listen 80;
server_name 127.0.0.1;
root /var/www/html;
index index.php;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location ~* /wp-login\.php|/wp-admin/((?!admin-ajax\.php).)*$ {
include /etc/nginx/conf.d/allowip.conf;
deny all;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass wordpress:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
I want to override the permissions to /folder/script.php and have the following rules:
location ^~ /folder/script.php{
allow all;
} #shouldn't ^this one with ^~ override the others?
location ~ /folder/(.+)\.php$ {
deny all;
return 404;
allow 127.0.0.1;
}
location ~ ^/folder {
return 404;
}
location / {
# First attempt to serve request as file, then
# as directory, then trigger 404
try_files $uri $uri/ =404;
server_name_in_redirect off;
}
location ~ \.php$ {
try_files $uri =404;
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#fastcgi_pass /tmp/php5-fpm.sock;
#fastcgi_pass /var/run/php5-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $root_folder$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $root_folder;
# send bad requests
fastcgi_intercept_errors on;
include fastcgi_params;
}
but whenever I access admin.php I still get a 404 error and/or the script.php file is served to download, not interpreted. Could someone explain me why? Tyvm
The commands to execute a php script are:
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $root_folder$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $root_folder;
fastcgi_intercept_errors on;
include fastcgi_params;
I'm not sure where you define $root_folder, normally $document_root is used. The above (or similar) code must appear in each and every location block that is expected to execute php scripts.
So your configuration should look something like this:
location / {
try_files $uri $uri/ =404;
server_name_in_redirect off;
}
location ^~ /folder { deny all; }
location = /folder/script.php {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $root_folder$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $root_folder;
fastcgi_intercept_errors on;
include fastcgi_params;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $root_folder$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $root_folder;
fastcgi_intercept_errors on;
include fastcgi_params;
}
I have taken the liberty of simplifying your configuration a little. It seems that only the file /folder/script.php is executable within the /folder hierarchy, so an exact match (location =) is used, and /folder is denied. The allow 127.0.0.1; does nothing as it comes after the deny all.
As you can see, the fastcgi_pass 127.0.0.1:9000; directive must appear in any location container that directly handles php code. I would put some or all of these directives into a separate file and use include to pull them in at each location.
The rest of the directives have been copied across from your question, but I don't know if they are required here.
I have a little experience with configuring nginx server and here is my trouble.
I am trying set correct locations. I have two directs: address.com and address.com/api.
For last direction(API) I have setted locations and it works fine. API is located in /var/www/project/api folder.
root /var/www/project;
index index.php;
server_name localhost;
location /api {
try_files /api/$uri $uri/ /api/index.php?$query_string;
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^/api/(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_buffer_size 32k;
fastcgi_busy_buffers_size 64k;
fastcgi_buffers 4 32k;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
}
Now I need implement root for address.com to /var/www/project/website. And here I have some troubles.
First thing, what I did I had written that:
location / {
alias /var/www/project/website/;
}
And then I tried to add many different variants and here is my last note.
I have put it inside location / {}
location ~ ^/(.+\.php)$ {
alias /var/www/project/website/;
include /etc/nginx/fastcgi.conf;
proxy_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_intercept_errors on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
In /etc/nginx/fastcgi.conf file I have added
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
And I get all time 403 Forbidden or 404 Not found or in nginx errors log is written that, for example, /var/www/project/website/... is not found.
Has somebody experience with nginx configuring and can tell, how to set /website location correct?
Something like that:
server {
listen 80;
server_name localhost;
root /var/www/src/website;
index index.php index.html;
error_log /var/log/nginx/error.log;
location / {
try_files $uri $uri/ =404;
}
location /test {
try_files $uri $uri/test.html =404;
}
location /api/ {
alias /var/www/src/api/;
try_files $uri $uri/ /index.php =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location /pmants {
root /var/www/src/;
index index.php index.html index.htm;
location ~ ^/pmants/(.+\.php)$ {
try_files $uri =404;
root /var/www/src/;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/pmants/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/src/;
}
}
location ~* \.php {
include fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_cache off;
fastcgi_index index.php;
}
}
I want case insensitive for my php file.
I tried :
location ~* / {
rewrite ^/(.+)$ /index.php?url=$1 last;
}
location ~* \.php$ {
try_files $uri =404;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_read_timeout 300;
}
I get 500 Internal Server. Where is error? Thanks in advance