I have a Ruby on Rails application that is working great with the nginx configuration pasted below. The problem is, I'm trying to add a new url http://www.example.com/gpp that will point to a completely directory path/app on the server. Here's my configuration:
upstream fi {
server unix:/media/apps/example/shared/tmp/pids/thin.0.sock;
server unix:/media/apps/example/shared/tmp/pids/thin.1.sock;
server unix:/media/apps/example/shared/tmp/pids/thin.2.sock;
server unix:/media/apps/example/shared/tmp/pids/thin.3.sock;
}
server {
listen 80;
gzip on;
gzip_min_length 1000;
gzip_types application/json text/css application/x-javascript;
server_name example.com www.example.com;
sendfile on;
keepalive_timeout 65;
client_max_body_size 2m;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
#root /media/apps/example/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
root /media/apps/example/current/public;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_connect_timeout 3600;
send_timeout 3600;
proxy_read_timeout 3600;
if (!-f $request_filename) {
proxy_pass http://fi;
break;
}
}
location /gpp {
alias /media/apps/podcast;
index index.php index.html index.htm;
}
}
Whenever I visit http://www.example.com/gpp it just goes to the Rails app listed in location / instead of the PHP app I have running in /media/apps/podcast. I also tried changing the alias directive to root but that doesn't do the trick either.
I don't see a location directive for your /media/apps/podcast alias. I think this
location /gpp {
alias /media/apps/podcast;
index index.php index.html index.htm;
}
should just be
location /gpp {
root /media/apps/podcast;
index index.php index.html index.htm;
}
Give this a try:
location /podcast {
root /media/apps/;
index index.php index.html index.htm;
location ~ ^/podcast/(.+\.php)$ {
try_files $uri =404;
root /media/apps/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/podcast/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /media/apps/;
}
}
location /gpp {
rewrite ^/* /podcast last;
}
Related
I am trying to use nginx configuration to disable mailcow admin panel from the internet so that it is only accessible on the LAN.
Admin panel have default URL mail.xz.com
location / {
try_files $uri $uri/ #strip-ext;
#Allow ip
allow 192.168.250.0/25;
#deny for everybody else
deny all;
}
And after this webmail in URL mail.xz.com/SOGo stop working.
location /rspamd/ {
#Allow ip
allow 192.168.250.0/25;
#deny for everybody else
deny all;
I don't understand this because other /somethink URLs work.
For example, blocking works fine for me at mail.xz.com/rspamd. If I remove the block and leave it for / then rspamd works but SOGo doesn't.
I don't understand.
The whole configuration
include /etc/nginx/mime.types;
charset utf-8;
override_charset on;
server_tokens off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
ssl_ecdh_curve X25519:X448:secp384r1:secp256k1;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets off;
add_header Strict-Transport-Security "max-age=15768000;";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy strict-origin;
index index.php index.html;
client_max_body_size 0;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied off;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
location ~ ^/(fonts|js|css|img)/ {
expires max;
add_header Cache-Control public;
}
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
fastcgi_hide_header X-Powered-By;
absolute_redirect off;
root /web;
location / {
try_files $uri $uri/ #strip-ext;
#Allow ip
allow 192.168.250.0/25;
#deny for everybody else
#deny all;
}
location /qhandler {
rewrite ^/qhandler/(.*)/(.*) /qhandler.php?action=$1&hash=$2;
}
location /edit {
rewrite ^/edit/(.*)/(.*) /edit.php?$1=$2;
}
location #strip-ext {
rewrite ^(.*)$ $1.php last;
}
location ~ ^/api/v1/(.*)$ {
try_files $uri $uri/ /json_api.php?query=$1&$args;
}
location ^~ /.well-known/acme-challenge/ {
allow all;
default_type "text/plain";
}
# If behind reverse proxy, forwards the correct IP
set_real_ip_from 10.0.0.0/8;
set_real_ip_from 172.16.0.0/12;
set_real_ip_from 192.168.0.0/16;
set_real_ip_from fc00::/7;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
rewrite ^/.well-known/caldav$ /SOGo/dav/ permanent;
rewrite ^/.well-known/carddav$ /SOGo/dav/ permanent;
location ^~ /principals {
return 301 /SOGo/dav;
}
location ^~ /inc/lib/ {
deny all;
return 403;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9002;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
}
location /rspamd/ {
#Allow ip
allow 192.168.250.0/25;
#deny for everybody else
deny all;
location /rspamd/auth {
# proxy_pass is not inherited
proxy_pass http://rspamd:11334/auth;
proxy_intercept_errors on;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
error_page 403 /_rspamderror.php;
}
proxy_pass http://rspamd:11334/;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
}
location ~* ^/Autodiscover/Autodiscover.xml {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9002;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files /autodiscover.php =404;
}
location ~* ^/Autodiscover/Autodiscover.json {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9002;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files /autodiscover-json.php =404;
}
location ~ /(?:m|M)ail/(?:c|C)onfig-v1.1.xml {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9002;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files /autoconfig.php =404;
}
location /sogo-auth-verify {
allow all;
internal;
proxy_set_header X-Original-URI $request_uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header Content-Length "";
proxy_pass http://127.0.0.1:65510/sogo-auth;
proxy_pass_request_body off;
}
location ^~ /Microsoft-Server-ActiveSync {
include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo_eas.active;
proxy_connect_timeout 75;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
client_body_buffer_size 512k;
client_max_body_size 0;
}
location ^~ /SOGo {
location ~* ^/SOGo/so/.*\.(xml|js|html|xhtml)$ {
include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo.active;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
proxy_set_header x-webobjects-server-port $server_port;
proxy_hide_header Content-Type;
add_header Content-Type text/plain;
break;
}
include /etc/nginx/conf.d/includes/sogo_proxy_auth.conf;
include /etc/nginx/conf.d/sogo.active;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header x-webobjects-server-protocol HTTP/1.0;
proxy_set_header x-webobjects-remote-host $remote_addr;
proxy_set_header x-webobjects-server-name $server_name;
proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
proxy_set_header x-webobjects-server-port $server_port;
proxy_buffer_size 128k;
proxy_buffers 64 512k;
proxy_busy_buffers_size 512k;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
client_body_buffer_size 128k;
client_max_body_size 0;
break;
}
location ~* /sogo$ {
return 301 $client_req_scheme://$http_host/SOGo;
}
location /SOGo.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location /.woa/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location /SOGo/WebServerResources/ {
alias /usr/lib/GNUstep/SOGo/WebServerResources/;
}
location (^/SOGo/so/ControlPanel/Products/[^/]*UI/Resources/.*\.(jpg|png|gif|css|js)$) {
alias /usr/lib/GNUstep/SOGo/$1.SOGo/Resources/$2;
}
include /etc/nginx/conf.d/site.*.custom;
error_page 502 #awaitingupstream;
location #awaitingupstream {
rewrite ^(.*)$ /_status.502.html break;
}
location ~ ^/cache/(.*)$ {
try_files $uri $uri/ /resource.php?file=$1;
Thanks
I have the following block in my nginx configuration file:
location /cat {
try_files $uri $uri/ /index.php?url=$uri;
}
When I try any of the following URLs, this works as expected:
http://example.com/cat/test
http://example.com/cat/test/test
http://example.com/cat/t
The following, however, do not. Instead of a redirect, I get a 404 error.
http://example.com/cat/test/
http://example.com/cat/test/test/
http://example.com/cat/t/
I'm not very experienced with nginx, so let me know what further information might be needed. This has me quite stumped.
Edit: I did come across this, but I would prefer to avoid using rewrite (for the sake of efficiency), plus this seems like an unnecessary band-aid:
https://serverfault.com/questions/755646/nginx-use-try-files-to-serve-file-instead-of-directory
Edit 2: Here is the full config
server {
listen 64.40.99.86:80;
server_name example.com;
server_name www.example.com;
client_max_body_size 128m;
root "/var/www/vhosts/example.com/httpdocs";
access_log "/var/www/vhosts/system/example.com/logs/proxy_access_log";
error_log "/var/www/vhosts/system/example.com/logs/proxy_error_log";
if ($host ~* ^example.com$) {
rewrite ^(.*)$ http://www.example.com$1 permanent;
}
location / {
proxy_pass http://64.40.99.86:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/example.com/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}
location ~ ^/~(.+?)(/.*?\.php)(/.*)?$ {
alias /var/www/vhosts/example.com/web_users/$1/$2;
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ ^/~(.+?)(/.*)?$ {
proxy_pass http://64.40.99.86:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location ~ \.php(/.*)?$ {
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass "unix:///var/www/vhosts/system/example.com/php-fpm.sock";
include /etc/nginx/fastcgi.conf;
}
location ~ /$ {
index index.html index.cgi index.pl index.php index.xhtml index.htm index.shtml;
}
location /cat {
try_files $uri $uri/ /index.php?url=$uri;
}
}
I want NGINX to forward any requests to the domain name http://home.com to proxy_pass http://localhost:8866;. I have set a root root /home/owncloud;, in the NGINX configuration file where the document root of ownCloud is located. This should point to http://home.com/owncloud Under the http://localhost:8866 I have a Docker container running hosting Wordpress. However, NGINX always points the Reverse Proxy to the actual document root of the server (root /home/owncloud) when I try to access http://home.com
Thank you for your input on this - I already browsed through a lot of documentation, but currently I am not able to find a solution myself. Thanks!
This is my NGINX configuration file:
upstream php-handler {
server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name home.com;
index index.html index.htm index.php;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
ssl on;
listen 443 ssl;
server_name home.com;
server_name 123.456.789.10 ssl;
ssl_certificate /home/ssl/certificate.pem;
ssl_certificate_key /home/ssl/owncloud.key;
index index.html index.htm index.php;
root /space/owncloud;
try_files $uri $uri/ /index.php?q=$request_uri;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# set max upload size
client_header_buffer_size 64k;
large_client_header_buffers 4 64k;
# Disable gzip to avoid the removal of the ETag header
gzip off;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
index index.php index.html index.htm;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8866;
proxy_read_timeout 90;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; allow all; }
location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
proxy_pass_header Authorization;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
}
location /owncloud {
index index.html index.htm index.php;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
# attachments can be huge
client_max_body_size 513M;
client_body_in_file_only clean;
# this is where requests body are saved
client_body_temp_path /opt/nginx/bugzilla/data/request_body 1 2;
}
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
If you need to forward all requests another port at your localhost, you need merely this:
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8866$request_uri;
proxy_read_timeout 90;
}
Note, there is no "=" equal sign before the slash /. location / {} means "exact match of /".
In your code nothing really tryes to forward all requests to localhost. Only requests to index page (document root, i.e. "/") are forwarded.
If you pass all requests to the the process at localhost:8866, none of other location sections will even be tested, so once you make sure your proxy_pass works, you may delete them.
i've got a site on xyz.com and piwik on xyz.com/piwik. Piwik is running fine, but unfortunately not all data - requested by piwik - are handled by the server.
I've watched behaviour like:
xyz.com/piwik/ -> error
xyz.com/piwik/index.php -> is fine
xyz.com/piwik/?module=... -> error
nginx.conf
# Configuration containing list of application servers
upstream wsgi_cluster {
server ***.***.112.44:5000;
}
# Default server configuration
#
server {
listen 80;
error_log /var/log/nginx/http.error.log warn;
server_name xxx;
return 301 https://$server_name$request_uri;
}
# HTTPS server
server {
listen 443 ssl;
server_name xxx;
auth_basic "Restricted";
root /usr/share/nginx/html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
error_log /var/log/nginx/https.error.log warn;
charset utf-8;
location /piwik/ {
location ~ /piwik/(.*\.php)(/.*)?$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 60s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
proxy_buffering off;
proxy_temp_file_write_size 64k;
proxy_pass http://wsgi_cluster;
proxy_redirect off;
}
# Deny certain User-Agents (case insensitive)
# The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* "Baiduspider|Jullo|AcoiRobot" ) {
return 403;
}
error_page 502 /502.html;
location = /502.html {
root /etc/nginx/;
internal;
}
error_page 401 /401.html;
location = /401.html {
root /etc/nginx/;
internal;
}
}
my-site.conf
# Configuration containing list of application servers
upstream wsgi_cluster {
server ***.***.112.44:5000;
}
# Default server configuration
#
server {
listen 80;
error_log /var/log/nginx/http.error.log warn;
server_name xxx;
return 301 https://$server_name$request_uri;
}
# HTTPS server
server {
listen 443 ssl;
server_name xxx;
auth_basic "Restricted";
root /usr/share/nginx/html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
error_log /var/log/nginx/https.error.log warn;
charset utf-8;
location /piwik/ {
location ~ /piwik/(.*\.php)(/.*)?$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Restricted";
auth_basic_user_file /etc/nginx/.htpasswd;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 60s;
proxy_send_timeout 90s;
proxy_read_timeout 90s;
proxy_buffering off;
proxy_temp_file_write_size 64k;
proxy_pass http://wsgi_cluster;
proxy_redirect off;
}
# Deny certain User-Agents (case insensitive)
# The ~* makes it case insensitive as opposed to just a ~
if ($http_user_agent ~* "Baiduspider|Jullo|AcoiRobot" ) {
return 403;
}
error_page 502 /502.html;
location = /502.html {
root /etc/nginx/;
internal;
}
error_page 401 /401.html;
location = /401.html {
root /etc/nginx/;
internal;
}
}
You are missing any default action for the /piwik/ URI. Presumably, if no other matching file is found, you would like the /piwik/index.php URI to be tried. Add a try_files directive to the outer location block, for example:
location /piwik/ {
try_files $uri /piwik/index.php$is_args$args;
location ~ /piwik/(.*\.php)(/.*)?$ { ... }
}
Now, I have two projects(sites) based on Laravel + PHP + MySQL + Nginx, vistors can access them by typing:
http://www.mysite.com:80
http://www.mysite.com:8001
Can I change the accessing method to virtual folder not by port?
http://www.mysite.com/project1
http://www.mysite.com/project2
The nginx conf files are (at /etc/nginx/conf.d/):
project1.conf
server {
listen *:80;
server_name mysite.com www.mysite.com;
server_tokens off;
root /var/www/html/project1/public;
client_max_body_size 100m;
access_log /var/log/nginx/project1_access.log;
error_log /var/log/nginx/project1_error.log;
location / {
index index.php index.html;
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
project2.conf
server {
listen *:80;
server_name www.mysite.com;
server_tokens off;
root /var/www/html/project2/public;
client_max_body_size 100m;
access_log /var/log/nginx/project2_access.log;
error_log /var/log/nginx/project2_error.log;
location / {
index index.php index.html;
if (!-f $request_filename){
rewrite (.*) /index.php;
}
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
The only decent way to do it is by folder and virtual host rather than port.
Sure - an example config will look like this:
1 Define your app servers
server {
listen 8080;
root /var/www/html/project1/public;
......
}
server {
listen 8081;
root /var/www/html/project2/public;
......
}
2 Define your proxy server
server {
listen 80;
server_name mysite.com www.mysite.com;
.....
location /project1 {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
.....
}
location /project2 {
proxy_pass http://localhost:8081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
....
}
}