Ugh, been trying to get NGINX/php-fpm to play nicely with SF 1.4 for a few days now, and can't quite seem to nail down the proper config. I followed the nginx symfony guide as well as this SO post, but neither helped, and I suspect it may be because they were being configured against older versions of NGINX (I am working with 1.6.2).
Here is my config:
server {
listen 51000;
server_name example.mpurcell.dev.example.com;
access_log /tmp/access.log;
error_log /tmp/error.log notice;
root /home/mpurcell/projects/j1n/app/example/current/code/web/;
index index.php;
location ~ ^/(app|app_dev)(/|$) {
rewrite ^(.*)$ $1.php last;
}
location ~ ^/(app|app_dev).php(/|$) {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_param SERVICE_ENV 'dev';
fastcgi_param HTTPS off;
# http://wiki.nginx.org/Symfony
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass unix:/var/run/php-fpm.sock;
}
}
And the various responses:
$ -> curl -v 10.0.0.7:51000
# Expected
< HTTP/1.1 301 Moved Permanently
< Server: nginx/1.6.2
< Date: Wed, 01 Oct 2014 23:34:10 GMT
< Content-Type: text/html
< Transfer-Encoding: chunked
< Connection: keep-alive
< Location: /app
$ -> curl -v 10.0.0.7:51000/app.php
# Expected
< HTTP/1.1 200 OK
< Server: nginx/1.6.2
< Date: Wed, 01 Oct 2014 23:37:48 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: private
$ -> curl -v 10.0.0.7:51000/app
# Not expected, the script executes but SF throws a 404 with the following error
# Empty module and/or action after parsing the URL "/app" (/).
< HTTP/1.1 404 Not Found
< Server: nginx/1.6.2
< Date: Wed, 01 Oct 2014 23:39:09 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Cache-Control: private
And it sure looks like the rewrite rule from the vhost config is working:
2014/10/01 23:40:30 [notice] 9668#0: *13 "^(.*)$" matches "/app", client: 10.0.0.3, server: example.mpurcell.dev.example.com, request: "GET /app HTTP/1.1", host: "dev-a-2:51000"
2014/10/01 23:40:30 [notice] 9668#0: *13 rewritten data: "/app.php", args: "", client: 10.0.0.3, server: example.mpurcell.dev.example.com, request: "GET /app HTTP/1.1", host: "dev-a-2:51000"
And for the sake of completness, the cgi.fix_pathinfo is default (=1), and I don't really want to set this to 0.
Also, I should note that relative_url_root for the app controller is set to empty string, as it is located in the root web directory.
Stack:
nginx 1.6.2
php-fpm 5.4.33
php 5.4.33
I think your issue is that you've not told nginx where Symfony is. I've put an example of nginx configuration that I'm using currently that works.
server {
listen 80;
server_name example.com;
chunked_transfer_encoding on;
proxy_buffering off;
charset utf-8;
root /home/mpurcell/projects/j1n/app/example/current/code/web;
access_log /tmp/access_log;
error_log /tmp/error_log;
location /sf/ {
expires max;
root /home/mpurcell/projects/j1n/app/example/current/code/lib/vendor/symfony/data/web/;
}
location ~ ^/(index|frontend_dev|backend_dev)\.php($|/) {
set $script $uri;
set $path_info "";
if ($uri ~ "^(.+\.php)(/.*)") {
set $script $1;
set $path_info $2;
}
include fastcgi_params;
fastcgi_param PATH_INFO $path_info;
fastcgi_param SCRIPT_FILENAME $document_root$script;
fastcgi_param SCRIPT_NAME $script;
fastcgi_param HTTPS off;
fastcgi_pass 127.0.0.1:9000;
fastcgi_keep_conn on;
fastcgi_intercept_errors on;
}
location / {
if (-f $request_filename) {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
break;
}
if ($request_filename ~ ".(js|htc|ico|gif|jpg|png|css)$") {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
break;
}
index index.php;
try_files $uri /index.php?$args;
}
}
For you problem I think the key is this:
location /sf/ {
expires max;
root /home/mpurcell/projects/j1n/app/example/current/code/lib/vendor/symfony/data/web/;
}
So I finally got Symfony and php-fpm to play nicely with each other, and one big piece of that puzzle was to swap out apache for nginx. IMO, the rewrite syntax for nginx > apache. So here is an example of my current app server config:
location #rewrite {
rewrite ^/(.*)$ /index.php/$1 last;
}
location /admin {
rewrite ^/admin/(.*)$ /admin/index.php/$1 last;
}
location /app {
rewrite ^/app/(.*)$ /index.php/$1 last;
}
location ~ index\.php {
...
}
I did have to create sub dirs for each controller in the web dir, like this:
/web
index.php
app.php
admin.php
/web
/app/index.php
/admin/index.php
I've had this config in prod now for about 2 months with 0 issues, so hopefully this helps other old school symfonians as well.
This is the config I'm using for symfony 1.4
location ~ \.php($|/) {
fastcgi_pass php56:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
Related
I've got an issue with CSS not being loaded on Magento CE 2.4.3 on both frontend or backend (but the HTML is being rendered correctly). I am in dev mode. The site is compiled and cache is disabled. In order to simplify things I've also disabled the CSS version directory mapping using:
INSERT INTO core_config_data (path, value) VALUES ('dev/static/sign', 0)
ON DUPLICATE KEY UPDATE value = 0;
And cleared cache. (This is the equivalent of Stores > Config > Developer > Static File Settings: Sign Static Files = No, but I can't use the admin UI at present).
I'm getting 404s on the CSS & JS files - as seen in the nginx logs:
80.229.148.211 - - [24/Mar/2022:22:15:21 +0000] "GET /frontend/a1/hawthorn/en_GB/css/print.css HTTP/1.1" 499 0 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:15:48 +0000] "GET / HTTP/1.1" 200 10342 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:07 +0000] "GET /frontend/a1/hawthorn/en_GB/mage/calendar.css HTTP/1.1" 404 9424 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:16 +0000] "GET /frontend/a1/hawthorn/en_GB/mage/requirejs/mixins.js HTTP/1.1" 404 9449 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:18 +0000] "GET /frontend/a1/hawthorn/en_GB/requirejs-config.js HTTP/1.1" 404 9434 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:21 +0000] "GET /frontend/a1/hawthorn/en_GB/css/styles-l.css HTTP/1.1" 404 9421 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:22 +0000] "GET /frontend/a1/hawthorn/en_GB/requirejs/require.js HTTP/1.1" 404 9425 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:25 +0000] "GET /frontend/a1/hawthorn/en_GB/css/styles-m.css HTTP/1.1" 404 9420 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:25 +0000] "GET /pub/media/content/banner_inks.gif HTTP/1.1" 200 12146 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:25 +0000] "GET /pub/media/content/banner_roller.jpg HTTP/1.1" 200 31981 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:54 +0000] "GET /frontend/a1/hawthorn/en_GB/mage/requirejs/mixins.js HTTP/1.1" 404 9450 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:57 +0000] "GET /frontend/a1/hawthorn/en_GB/images/logo_white_black_on_clear_crop.svg HTTP/1.1" 404 9422 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:16:59 +0000] "GET /frontend/a1/hawthorn/en_GB/css/print.css HTTP/1.1" 404 9421 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:17:19 +0000] "GET /frontend/a1/hawthorn/en_GB/requirejs-config.js HTTP/1.1" 404 9434 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
80.229.148.211 - - [24/Mar/2022:22:17:38 +0000] "GET /favicon/stores/1/favicon.png HTTP/1.1" 404 9389 "https://m243.mydomain.com/" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0" "-"
Even though I know I shouldn't need to in dev mode I force deployed the static content (since it wasn't showing up in pub/static) with:
bin/magento setup:static-content:deploy en_GB --exclude-theme Magento/luma --exclude-theme Magento/blank -f
And I can see the files then written in their respective directories e.g. (from the magento home dir)
$ ls -al pub/static/frontend/a1/hawthorn/en_GB/css/
total 612
drwxrwxr-x 2 magento nginx 127 Mar 24 21:26 .
drwxrwxr-x 96 magento nginx 4096 Mar 24 21:26 ..
-rw-rw-r-- 1 magento nginx 18371 Mar 24 21:26 email.css
-rw-rw-r-- 1 magento nginx 4965 Mar 24 21:25 email-fonts.css
-rw-rw-r-- 1 magento nginx 14797 Mar 24 21:26 email-inline.css
-rw-rw-r-- 1 magento nginx 5465 Mar 24 21:25 print.css
-rw-rw-r-- 1 magento nginx 124412 Mar 24 21:25 styles-l.css
-rw-rw-r-- 1 magento nginx 437701 Mar 24 21:26 styles-m.css
I've ensured all permissions are readable by the web server group (nginx) and ownership set running this from the magento root dir:
sudo chown -R magento:nginx ./
This is my nginx.conf:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 200M;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
# For multiple (Magento2) php-fpm sites
upstream fastcgi_backend {
server unix:/run/php-fpm/php-fpm.sock;
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
client_max_body_size 200M;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
client_max_body_size 200M;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
include sites-enabled/*.conf;
server_names_hash_bucket_size 64;
}
This is my vhost:
server {
server_name mydomain.com www.mydomain.com m243.mydomain.com;
#index index.html;
#root /var/www/test;
set $MAGE_ROOT /var/www/hpm;
include /var/www/hpm/nginx.conf.sample;
#location ^/le_connector/connector.php {
# allow all;
# satisfy any;
#}
# Load configuration files for the default server block.
#include /etc/nginx/default.d/*.conf;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/m243.mydomain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/m243.mydomain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = m243.mydomain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name mydomain.com www.mydomain.com m243.mydomain.com;
return 404; # managed by Certbot
}
This is my nginx.conf.sample
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# Deny access to sensitive files
location /.user.ini {
deny all;
}
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version\d*/ {
rewrite ^/static/version\d*/(.*)$ /static/$1 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2|html|json|webmanifest)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
## The following section allows to offload image resizing from Magento instance to the Nginx.
## Catalog image URL format should be set accordingly.
## See https://docs.magento.com/user-guide/configuration/general/web.html#url-options
# location ~* ^/media/catalog/.* {
#
# # Replace placeholders and uncomment the line below to serve product images from public S3
# # See examples of S3 authentication at https://github.com/anomalizer/ngx_aws_auth
# # resolver 8.8.8.8;
# # proxy_pass https://<bucket-name>.<region-name>.amazonaws.com;
#
# set $width "-";
# set $height "-";
# if ($arg_width != '') {
# set $width $arg_width;
# }
# if ($arg_height != '') {
# set $height $arg_height;
# }
# image_filter resize $width $height;
# image_filter_jpeg_quality 90;
# }
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
location /media/custom_options/ {
deny all;
}
location /errors/ {
location ~* \.xml$ {
deny all;
}
}
# PHP entry point for le_connector application
location /le_connector {
root $MAGE_ROOT;
location ~ ^/le_connector/connector.php {
### This fixes the problem:
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
################################
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/le_connector/(?!pub/). {
deny all;
}
location ~ ^/le_connector/pub/ {
add_header X-Frame-Options "SAMEORIGIN";#
}
}
# PHP entry point for main application
location ~ ^/(index|info|connector|get|static|errors/report|errors/404|errors/503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#pass multi-site variables
fastcgi_param MAGE_RUN_TYPE $MAGE_RUN_TYPE;
fastcgi_param MAGE_RUN_CODE $MAGE_RUN_CODE;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
Any ideas would be really appreciated - thanks for reading!
So it turned out in my flailing around to fix other issues I'd set these values mistakenly:
MariaDB [magento]> select * from core_config_data where value like "%_base_url%" \G;
*************************** 1. row ***************************
config_id: 71
scope: default
scope_id: 0
path: web/unsecure/base_static_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
*************************** 2. row ***************************
config_id: 72
scope: default
scope_id: 0
path: web/unsecure/base_media_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
*************************** 3. row ***************************
config_id: 73
scope: default
scope_id: 0
path: web/secure/base_static_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
*************************** 4. row ***************************
config_id: 74
scope: default
scope_id: 0
path: web/secure/base_media_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
*************************** 5. row ***************************
config_id: 701
scope: default
scope_id: 0
path: web/unsecure/base_link_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
*************************** 6. row ***************************
config_id: 703
scope: default
scope_id: 0
path: web/secure/base_link_url
value: {{unsecure_base_url}}
updated_at: 2022-03-23 22:12:52
6 rows in set (0.001 sec)
Clearing these with
update core_config_data set value = NULL where value like "%_base_url%";
sorted out the problem :)
upstream fastcgi_backend {
server unix:/var/run/php/php7.4-fpm.sock;
}
server {
listen 80;
server_name _;
set $MAGE_ROOT /var/www/html/magento;
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
client_max_body_size 32M;
# Deny access to sensitive files
location /.user.ini {
deny all;
}
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version\d*/ {
rewrite ^/static/version\d*/(.*)$ /static/$1 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2|html|json|webmanifest)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
rewrite /media/catalog/product/cache/[a-z0-9]+/(\S+) /media/catalog/product/$1 last;
location /media/ {
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
# Proxying to AWS S3 storage.
resolver 8.8.8.8;
set $bucket "mermaidtools-magento-files-2023020510381437940000000b";
proxy_pass https://s3.us-east-1.amazonaws.com/$bucket$uri;
proxy_pass_request_body off;
proxy_pass_request_headers off;
proxy_intercept_errors on;
proxy_hide_header "x-amz-id-2";
proxy_hide_header "x-amz-request-id";
proxy_hide_header "x-amz-storage-class";
proxy_hide_header "Set-Cookie";
proxy_ignore_headers "Set-Cookie";
}
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|svgz|webp|avif|avifs|js|css|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
location /media/custom_options/ {
deny all;
}
location /errors/ {
location ~* \.xml$ {
deny all;
}
}
# PHP entry point for main application
location ~ ^/(index|get|static|errors/report|errors/404|errors/503|health_check|pinfo)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_param HTTPS "on";
fastcgi_param HTTP_X_FORWARDED_PROTO "https";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
}
We have a strange problem with Nginx. In Chrome the application, the images does not work. It gives an 404 for images. Css do load. When clicking on the image url it opens. The problem is that tha webserver gives mime type: Content-Type: text/html. The CSS files do get the correct mime type.
In nginx.conf the mime types are loaded with all image mime types in it:
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
We created an custom conf file with additional rules:
server {
listen 80;
server_name acceptatie.portal.***.com *.portal.***.com;
root /home/fsweb/www/portal;
index index.html index.php;
access_log /var/log/nginx/portal.***.com.access.log;
error_log /var/log/nginx/portal.***.com.error.log error;
location ~ /\.git {
deny all;
}
location ~ /\. {
deny all;
}
location ~ (\.md$|myadmin) {
deny all;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
server_tokens off;
location ~ \.php$ {
#include snippets/fastcgi-php.conf;
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
add_header x-xss-protection "1; mode=block" always;
add_header x-frame-options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
}
It works for all files except the image files. I already tried to import the mime files in my custom conf file in different positions but it keeps giving text/html. Chrome blocks the images and Firefox ignores this problem.
Did i do something wrong?
--- UPDATE ---
I have tried via curl -i. The response is right:
HTTP/1.1 200 OK
Date: Tue, 26 Mar 2019 09:55:23 GMT
Content-Type: image/png
Content-Length: 6229
Last-Modified: Wed, 27 Jun 2018 07:24:21 GMT
Connection: keep-alive
ETag: "5b333ba5-1855"
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
But when using Chrome the response is wrong:
Connection: Close
Content-Type: text/html
I'm using nginx.
Nginx is not working properly routing the short address.
Sorry, I'm using google translate. My English bad.
Example;
location /a {
return 301 http://www.example.com/abcd;
}
Or
location /a {
rewrite ^(.*)$ http://www.example.com/abcd permanent;
}
Doesn't work.
Response: Too many redirects;
>>> http://www.example.com/a
> --------------------------------------------
> 301 Moved Permanently
> --------------------------------------------
Status: 301 Moved Permanently
Code: 301
Server: nginx
Date: Fri, 16 Oct 2015 23:46:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: http://www.example.com/abcd
>>> http://www.example.com/abcd
> --------------------------------------------
> 301 Moved Permanently
> --------------------------------------------
Status: 301 Moved Permanently
Code: 301
Server: nginx
Date: Fri, 16 Oct 2015 23:46:00 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: http://www.example.com/abcd
>>> http://www.example.com/abcd
> --------------------------------------------
> 301 Moved Permanently
> --------------------------------------------
Status: 301 Moved Permanently
Code: 301
Server: nginx
Date: Fri, 16 Oct 2015 23:46:01 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: http://www.example.com/abcd
>>> http://www.example.com/abcd
> --------------------------------------------
> 301 Moved Permanently
> --------------------------------------------
Status: 301 Moved Permanently
Code: 301
Server: nginx
Date: Fri, 16 Oct 2015 23:46:01 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: http://www.example.com/abcd
But long address successful;
location /what-can-i-do {
rewrite ^(.*)$ http://www.example.com/please-help-me permanent;
}
My /etc/nginx/sites-available/example.com configuration;
server {
server_name example.com www.example.com;
if ($http_host = example.com) {
return 301 http://www.example.com$request_uri;
}
listen 00.00.00.00:80;
root /home/example/public_html;
index index.html index.htm index.php;
access_log /var/log/virtualmin/example.com_access_log;
error_log /var/log/virtualmin/example.com_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/example/public_html$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/example/public_html;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location /a {
return 301 http://www.example.com/abcd;
}
location /ajax {
add_header "Access-Control-Allow-Origin" "*";
try_files $uri $uri/ /index.php?$args;
}
set $no_cache "";
if ($request_method = POST)
{
set $no_cache 1;
}
if ($request_method !~ ^(GET|POST|HEAD)$ ) {
return 444;
}
server_tokens off;
server_name_in_redirect off;
location ~* .(ico|webp|css|js|ico|bmp|zip|woff)$
{
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
try_files $uri /index.html;
}
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
location / {
try_files $uri $uri/ #rewrites;
}
location #rewrites {
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php/$1 last;
break;
}
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
fastcgi_intercept_errors on;
location ~ \.php {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass_header Set-Cookie;
fastcgi_pass_header Cookie;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
listen 00.00.00.00:00 default ssl;
ssl_certificate /home/example/ssl.cert;
ssl_certificate_key /home/example/ssl.key;
}
Anything that follows /a is sent to /abcd which matches the /a given the current options=> When /a is requested, redirect to /a => An infinate loops occurs.
location /a {
return 301 http://www.example.com/abcd;
}
Change it into location = /a { and it will behave differently.
tl;dr
A location block looks like this:
location optional_modifier location_match {
. . .
}
Here's a very informative page, quote about the optional_modifier:
(none): If no modifiers are present, the location is interpreted as a prefix match. This means that the location given will be matched against the beginning of the request URI to determine a match.
=: If an equal sign is used, this block will be considered a match if the request URI exactly matches the location given.
...
Hence, set it to = to make a direct match, or any of the other options available.
I am trying to move a project to Nginx + PHP-FPM with a virtual host. But when I try to load the website, I receive a file called 'download' with the contents of the index.php.
contents of nginx.conf:
user nginx nginx;
worker_processes 4;
worker_rlimit_nofile 64000;
error_log /var/log/nginx/error_log debug;
events {
worker_connections 16000;
multi_accept on;
use epoll;
}
http {
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
access_log on;
disable_symlinks if_not_owner;
ignore_invalid_headers on;
server_tokens off;
keepalive_timeout 20;
client_header_timeout 20;
client_body_timeout 20;
reset_timedout_connection on;
send_timeout 20;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
charset UTF-8;
gzip on;
gzip_vary on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/x-icon image/bmp;
server {
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/run/php-fpm.socket;
fastcgi_index index.php;
}
}
include /etc/nginx/sites-enabled/*;
}
contents of the vhost file:
server {
listen 127.0.0.1:80;
server_name yps.dev;
access_log /var/log/nginx/yps.access_log main;
error_log /var/log/nginx/yps.error_log debug;
root /home/bobbles/projects/yps_upstream/www/public;
index index.cgi index.htm index.html index.php;
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/run/php-fpm.socket;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
}
}
The included fastcgi parameters:
# cat /etc/nginx/fastcgi.conf
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
the PHP-FPM pool:
[www]
listen =/run/php-fpm.socket
listen.owner = nginx
listen.mode = 0666
user = nobody
group = nobody
pm = dynamic
pm.max_children = 50
pm.start_servers = 20
pm.min_spare_servers = 5
pm.max_spare_servers = 35
php_admin_value[error_log] = /var/log/fpm-php.www.log
php_admin_flag[log_errors] = on
the socket:
# ls -al /run/php-fpm.socket
srw-rw-rw- 1 nginx nginx 0 Oct 12 22:12 /run/php-fpm.socket
In the access logs and the error logs, there is no output except a timeout in the error log:
==> /var/log/nginx/error_log <==
2014/10/12 22:15:39 [info] 3317#0: *19 client closed connection while waiting for request, client: 127.0.0.1, server: 0.0.0.0:80
2014/10/12 22:15:39 [info] 3317#0: *20 client closed connection while waiting for request, client: 127.0.0.1, server: 0.0.0.0:80
The access log is silent.
What am I doing wrong? /var/log/fpm-php.www.log never gets created, so I assume that means that the request is never getting to php-fpm, but then what is wrong with my nginx config?
EDIT:
This is what happens when I try to access a static file from the directory:
==> /var/log/nginx/localhost.error_log <==
2014/10/12 21:16:04 [error] 3021#0: *3 openat() "/usr/share/nginx/html/email.html" failed (2: No such file or directory), client: 127.0.0.1, server: localhost, request: "GET /email.html HTTP/1.1", host: "yps.dev"
==> /var/log/nginx/localhost.access_log <==
127.0.0.1 - - [12/Oct/2014:21:16:04 +0200] "GET /email.html HTTP/1.1" 404 410 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.101 Safari/537.36" "3.10"
==> /var/log/nginx/yps.error_log <==
2014/10/12 21:16:23 [info] 3021#0: *4 client closed connection while waiting for request, client: 127.0.0.1, server: 0.0.0.0:80
apparently the request is simultaneously being passed to the yps virtualhost, and not.
this is an updated version of your vhost file that might work :
server {
listen 80;
server_name yps.dev;
access_log /var/log/nginx/yps.access_log main;
error_log /var/log/nginx/yps.error_log debug;
root /home/bobbles/projects/yps_upstream/www/public;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ #handler;
}
location #handler {
rewrite / /index.php;
}
location ~ \.php$ {
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm.socket;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include /etc/nginx/fastcgi.conf;
}
}
My nginx version is :
root#v-enterprise15:/etc/nginx/conf.d# nginx -v
nginx: nginx version: nginx/1.0.5
My application is installed at
/usr/share/nginx/www/magento/current
When I access
http://{my_server}:81/magento/current/index.php
it works fine. This is because the server root is set to /usr/share/nginx/www;
Now I want to acces the app using http://{myserver}:81/index.php.
When I change the server root to /usr/share/nginx/www/magento/current and type the above URL, it REDIRECTS with http 302 to
http://{my_server}:81/magento/current
What might be the reason for this?
It then applies other rules from my .conf and gives a 404.
I see this in the access log:
[31/Jul/2012:11:19:23 +0530] "GET /index.php HTTP/1.1" 302 5 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.10.229 Version/11.64"
My .conf file is:
server {
listen 81 default;
## SSL directives might go here
server_name {my_server};
#root /usr/share/nginx/www;
root /usr/share/nginx/www/magento/current;
error_log /var/log/nginx.error.log notice;
access_log /var/log/nginx.access.log ;
rewrite_log on;
location / {
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ #magehandler; ## If missing pass the URI to Magento's front handler
#try_files $uri $uri/ ; ## If missing pass the URI to Magento's front handler
#expires 30d; ## Assume all files are cachable
}
location ^~ /. { ## Disable .htaccess and other hidden files
return 404;
}
location #magehandler { ## Magento uses a common front handler
#rewrite / /index.php;
rewrite ^(.*) index.php$1 last;
}
#The more-specific regex are at the top.
#The regex's are evaluated in the order in which they appear.
location ~ .php$ { ## Execute PHP scripts
#if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
proxy_read_timeout 120;
proxy_connect_timeout 120;
expires off; ## Do not cache dynamic content
fastcgi_pass 127.0.0.1:9000;
#fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
location ~ /(media|skin|js)/ { }
location ~ /(tag|admin|customer|wishlist|checkout|catalog|app).*$ { #store URL
rewrite /(.*)$ /index.php/$1 last;
}
location ~ /[a-zA-Z]+$ { #store URL
rewrite ^/([a-zA-Z]+) ?store=$1 last;
}
location ~ /[a-zA-Z]+/ { #store URL
rewrite ^/([a-zA-Z]+)(.*) /$2?store=$1 last;
}
Since you have not any redirects in your nginx config, then it is most likely that redirect caused by your application.