I have 404 error when trying to access CSS and JS files of the sub static directory. I tried to use =, or ~ but it still does not work.
mydomain/sub/index.html is served.
mydomain/sub/css/style.css is not served.
Here is the Nginx configuration file :
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
}
server {
# Global
listen 443 ssl http2;
server_name www.example.com example.com;
charset utf-8;
# Logs
...
# SSL
...
# OCSP Stapling
...
# HSTS
....
# Robots
location /robots.txt {
return 200 "User-agent: *\nAllow: /";
}
# Sub
location /sub {
alias /www/sub;
index index.html;
try_files $uri $uri/ =404;
}
# Page Speed
include /etc/nginx/pagespeed.conf;
# Set expiration policy
location ~* \.(?:ico|css|js|gif|jpe?g|png|woff)$ {
expires 7d;
add_header Pragma public;
add_header Cache-Control "public";
proxy_pass http://example;
}
# Location
location / {
if ($request_method = POST) {
return 500;
}
proxy_pass http://mydomain;
}
}
in my case, sub directory should use sub location, wish help you.
location /company/default/static/ {
alias /data/pro/static_deployment/ ;
autoindex off;
location ~* \.(js|css|png|jpg|jpeg)$ {
expires 7d;
}
}
Related
I have a unique setup with a WordPress install in the main root and a second WordPress install (multisite) in a sub folder.
/sites/example.com/files/[WP Site example.com]
/sites/example.com/files/demo [WP Multisite example.com/demo]
The main site is working well but the multisite isn't.
When I request a multisite (example.com/demo/site1) it I get 404's in the console (example.com/demo/site1/style.css = 404)
Here is my conf.
map $uri $blogname{
~^(?P<blogpath>/[^/]+/)files/(.*) $blogpath ;
}
map $blogname $blogid{
default -999;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /sites/example.com/files/;
index index.html index.php;
access_log /sites/example.com/logs/access.log;
error_log /sites/example.com/logs/error.log;
# MIME sniffing prevention
add_header X-Content-Type-Options "nosniff";
# Enable cross-site scripting filter in supported browsers.
add_header X-Xss-Protection "1; mode=block";
# WP Multisite start
location ~ ^(/[^/]+)?/files/(.+) {
try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ;
access_log off; log_not_found off; expires max;
}
#avoid php readfile()
location ^~ /blogs.dir {
internal;
alias /sites/example.com/files/demo/wp-content/blogs.dir ;
access_log off; log_not_found off; expires max;
}
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
}
location /demo {
#alias /sites/example.com/files/demo/;
try_files $uri $uri/ /demo/index.php?$args;
}
# WP Multisite end
# Prevent access to hidden files
location ~* /\.(?!well-known\/) {
deny all;
}
# Prevent access to certain file extensions
location ~\.(ini|log|conf|blade.php)$ {
deny all;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
fastcgi_pass unix:/run/php/php8.0-example.sock;
}
}
Any advice would be greatly appreciated. I've been trying to solve this for about a week.
I've been using this as a guide:
https://www.nginx.com/resources/wiki/start/topics/recipes/wordpress/#rewrite-rules-for-multisite
Thank you!
I commented above and left the link that was helpful in answering my question.
Here is my final nginx config that is working.
map $uri $blogname{
~^(?P<blogpath>/[^/]+/)files/(.*) $blogpath ;
}
map $blogname $blogid{
default -999;
#Ref: http://wordpress.org/extend/plugins/nginx-helper/
#include /var/www/wordpress/wp-content/plugins/nginx-helper/map.conf ;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /sites/example.com/files/;
index index.html index.php;
access_log /sites/example.com/logs/access.log;
error_log /sites/example.com/logs/error.log;
# MIME sniffing prevention
add_header X-Content-Type-Options "nosniff";
# Enable cross-site scripting filter in supported browsers.
add_header X-Xss-Protection "1; mode=block";
# WP Multisite start
location ~ ^(/[^/]+)?/files/(.+) {
try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ;
access_log off; log_not_found off; expires max;
}
#avoid php readfile()
location ^~ /blogs.dir {
internal;
alias /sites/example.com/files/demo/wp-content/blogs.dir ;
access_log off; log_not_found off; expires max;
}
# Rewrite multisite '.../wp-.*' and '.../*.php'.
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^/demo(/[^/]+)?(/wp-.*) /demo$2 last;
rewrite ^/demo(/[^/]+)?(/.*\.php)$ /demo$2 last;
}
location /demo {
#alias /sites/example.com/files/demo/;
try_files $uri $uri/ /demo/index.php?$args;
}
# WP Multisite end
# Prevent access to hidden files
location ~* /\.(?!well-known\/) {
deny all;
}
# Prevent access to certain file extensions
location ~\.(ini|log|conf|blade.php)$ {
deny all;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi.conf;
fastcgi_pass unix:/run/php/php8.0-example.sock;
}
}
I have two url
http://localhost/?shop=test
http://localhost/login?shop=test
first url is working. But second url coming 404 nginx page. how can I fix this problem. I want to every location come header if exist shop query
server {
listen 8081 default_server;
listen [::]:8081 default_server;
server_name _;
location / {
if ( $arg_shop ) {
add_header Content-Security-Policy "frame-ancestors https://$arg_shop";
}
root /home;
index index.html;
include /etc/nginx/mime.types;
try_files $uri $uri/ /index.html?$query_string;
}
}
The problem with using if inside a location, is that it doesn't work the way you expect.
You can use a map to define the value of the add_header directive. If the argument is missing or empty, the header will not be added.
For example:
map $arg_shop $csp {
"" "";
default "frame-ancestors https://$arg_shop";
}
server {
...
add_header Content-Security-Policy $csp;
location / {
...
}
}
I fixed like that
server {
listen 8081 default_server;
listen [::]:8081 default_server;
server_name _;
location / {
error_page 404 = #error_page;
if ( $arg_shop ) {
add_header "Content-Security-Policy" "frame-ancestors https://$arg_shop";
}
root /home;
index index.html;
include /etc/nginx/mime.types;
try_files $uri $uri/ /index.html?$query_string;
}
location #error_page {
add_header "Content-Security-Policy" "frame-ancestors https://$arg_shop";
root /home;
index index.html;
include /etc/nginx/mime.types;
try_files $uri $uri/ /index.html?$query_string;
}
}
I am using an Ubuntu 18.04.5 LTS webserver that is configured with nginx. The server is running and I can access any file on my mainpage example.com. Now I want to install matomo on the server. However, I can only manage to access the installation via my root url www.example.com. Whenever I try to move the Matomo-access to a subpage e.g. example.com/matomo/ my sever sends a 404 instead. I think I have made a mistake in creating a configuration setup for calling subpages, but I cannot figure out what went wrong. I am new to nginx and have spent the last 2 days testing for a solution. Any help would be highly appreciated. Please find my server.conf, as well as the matomo.conf below.
My server config-file is as follows:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.example.com;
set $base /var/www/example.com;
root $base/public;
# SSL
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
# security
include nginxconfig.io/security.conf;
# logging
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log warn;
# index.php
index index.php;
# index.php fallback
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# handle .php
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include nginxconfig.io/php_fastcgi.conf;
}
}
My matomo.conf:
server {
listen 443 ssl http2;
server_name www.example.com/subpage example.com/subpage;
access_log /var/log/nginx/matomo.access.log;
error_log /var/log/nginx/matomo.error.log;
## SSL
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
add_header Referrer-Policy origin always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
root /var/www/example.com/subpage/matomo/; # path to matomo instance
index index.php;
## only allow accessing the following php files
location ~ ^/(index|matomo|piwik|js/index|plugins/HeatmapSessionRecording/configs)\.php {
include snippets/fastcgi-php.conf;
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
## deny access to all other .php files
location ~* ^.+\.php$ {
deny all;
return 403;
}
## serve all other files normally
location / {
#try_files $uri $uri/ =404;
}
## disable all access to the following directories
location ~ ^/(config|tmp|core|lang) {
deny all;
return 403; # replace with 404 to not show these directories exist
}
location ~ /\.ht {
deny all;
return 403;
}
location ~ js/container_.*_preview\.js$ {
expires off;
add_header Cache-Control 'private, no-cache, no-store';
}
location ~ \.(gif|ico|jpg|png|svg|js|css|htm|html|mp3|mp4|wav|ogg|avi|ttf|eot|woff|woff2|json)$ {
allow all;
## Cache images,CSS,JS and webfonts for an hour
## Increasing the duration may improve the load-time, but may cause old files to show after an Matomo upgrade
expires 1h;
add_header Pragma public;
add_header Cache-Control "public";
}
location ~ ^/(libs|vendor|plugins|misc/user|node_modules) {
deny all;
return 403;
}
## properly display textfiles in root directory
location ~/(.*\.md|LEGALNOTICE|LICENSE) {
default_type text/plain;
}
}
# vim: filetype=nginx
Thanks for the quick reply.
After further looking for solutions I have now done both: I created a subdomain and launched matomo under a subpage by adding the following code to the subdomain.config.
location /matomo {
root /var/www/subdomain.example.com/matomo;
}
I found this to be a great tutorial on creating subdomains.
With my current configuration the following URL triggers redirects which are really bad for SEO.
http://localhost/blog redirects to -> http://localhost/blog/
Here is my conf.d/default.conf file
server {
listen 80 default_server;
server_name localhost;
server_name_in_redirect on;
location / {
add_header Cache-Control "public";
expires 1y;
root /work/front-page/dist/browser;
}
}
I would like both location to give status 200, or at least to reverse the redirect
http://localhost/blog/ redirects to -> http://localhost/blog
EDIT:
putting
try_files $uri $uri/index.html =404;
seems to resolve the issue, thanks #Richard Smith
Here is the full working configuration, I tested it with http -> https redirect too.
server {
listen 80 default_server;
server_name localhost;
server_name_in_redirect on;
location / {
add_header Cache-Control "public";
expires 1y;
try_files $uri $uri/index.html =404;
root /work/front-page/dist/browser;
}
}
I am trying to redirect all http and http calls to https:// www.example.com using nginx config file.
The problem is that the redirect do not work for http://example.com ->https://www.example.com
All others work.
server {
listen 80;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443;
ssl on;
ssl_certificate /root/www.example.com.crt;
ssl_certificate_key /root/example.com.key;
server_name www.example.com;
add_header Strict-Transport-Security "max-age=31536000";
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
root /var/www/example.com/htdocs;
index index.php index.html;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .php$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
}
You may try these, I guess its about using the exact statements
https://www.rosehosting.com/blog/how-to-redirect-http-traffic-to-https-in-nginx-and-apache/