I am trying to configure wordpress and came to the step when i want to use sample or my own pages. Unfortunately it seems like i didnt configure nginx correctly but i just cant seem to find howto. Either its an old or irrelevant to my version of nginx(1.2.1-2.2+wheezy2) or just incomplete. Can somebody provide a sample nginx wordpress config or just tell me which of the following is most correct to get it working?
location /wordpress {
try_files $uri $uri/ /etc/wordpress/index.php?$args;
}
or
location /wp/wp-content/ {
alias /usr/share/wordpress/wp-content/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
or something else?
Here is the nginx conf file I am using on my local mac for local development in case it helps:
user matt staff;
worker_processes 4;
events {
worker_connections 768;
}
http {
client_max_body_size 100M;
include mime.types;
types_hash_max_size 2048;
default_type text/plain;
server_tokens off;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
index index.html index.php;
log_format main '[$time_local]: $domain - "$request" '
'status:$status bytes:$body_bytes_sent "$http_referer" ';
access_log /Users/matt/Library/Logs/nginx/access.log main;
error_log /Users/matt/Library/Logs/nginx/error.log;
upstream www-upstream-pool {
server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name ~^(?:(?<subdomain>\w*)\.)?(?<domain>\w+)\.wp$;
set $basepath "/Users/matt/pls-sites";
set $rootpath "${domain}";
if ($domain ~ 'wordpress'){
set $rootpath "wordpress/httpdocs/web";
}
root $basepath/$rootpath;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args; # /index.html;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location ~ .php$ {
fastcgi_split_path_info ^(.+.php)(/.+)$;
fastcgi_pass www-upstream-pool;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_read_timeout 300;
}
}
}
Related
I need to redirect both www to non www and HTTP to HTTPS with nginx. I can get it to redirect but then I get a `too many redirects' error.
I'm using the Azure AppService version of WordPress. This version uses the wordpress-alpine-php docker image, running nginx version 1.20.2.
The nginx.conf file includes:
/etc/nginx/conf.d/*.conf
/etc/nginx/modules-enabled/*.conf
I don't see a modules-enabled directory.
For the HTTP to https redirect, I added the following server directive to default.conf:
server {
listen 80;
server_name ---.com www.---.com;
return 301 https://---.com$request_uri;
}
After this, I get the "too many redirects" error.
I noticed the following server block also listens on port 80, so I changed it to 443. I still get the "too many redirects".
Below are my conf files. The only change I made was adding the server directive above, and changing the port to 443 in the original server directive.
How do I get these redirects to work?
Could there be other files involved?
/etc/nginx/nginx.conf
user nginx;
worker_processes auto;
# send nginx error logs to stderr
error_log /dev/stderr error;
pid /var/run/nginx.pid;
load_module modules/ngx_http_brotli_static_module.so;
load_module modules/ngx_http_brotli_filter_module.so;
events {
worker_connections 10000;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
sendfile on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/modules-enabled/*.conf;
}
/etc/nginx/conf.d/default.conf
upstream php {
server unix:/var/run/php/php-fpm.sock;
#server 127.0.0.1:9000;
}
server {
listen 80;
server_name ---.com www.---.com;
return 301 https://---.com$request_uri;
}
server {
listen 443;
## Your website name goes here.
server_name _;
if ($http_x_forwarded_proto = "http") {
return 301 https://---.com$request_uri;
}
## Your only path reference.
root /home/site/wwwroot;
## This should be in your http block and if it is, it's not needed here.
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Add locations of phpmyadmin here.
location /phpmyadmin {
root /home/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /home/;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /home/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
# Don't cache WooCommerce URLs
# Cart widgets are still a problem: https://github.com/emcniece/docker-wordpress/issues/3
if ($request_uri ~* "/(cart|checkout|my-account)/*$") {
set $skip_cache 1;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~* \.php$ {
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi.conf;
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass php;
fastcgi_read_timeout 300;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache off;
fastcgi_cache_valid 60m;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
You need to add ssl flag to your listen directive if you want to use HTTPS. And specify your SSL certificate - something like this:
server {
listen 443 ssl http2;
server_name ---.com;
ssl_session_cache shared:SSL:4m; # measured in megabytes, not minutes
ssl_buffer_size 4k; # reduced from the default 16k to minimize TTFB
ssl_session_timeout 30m;
ssl_session_tickets on; # Requires nginx >= 1.5.9 (SSL labs testing leads to SSL: error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early)
ssl_dhparam /etc/ssl/dhparam.pem; # Generate with "openssl dhparam -out dhparam.pem 4096"
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_stapling on;
ssl_stapling_verify on;
resolver 1.1.1.1 valid=300s ipv6=off;
resolver_timeout 4s;
ssl_certificate /etc/ssl/fullchain.pem;
ssl_certificate_key /etc/ssl/key.pem;
.......
}
I have the following nginx.conf
problem
folder /legacy/app has some files that I don't want to be accessible,
I thought the following location redirects all requests to php:
location / { try_files $uri $uri/ /index.php?$query_string;}
but I can open files like site.com/php-fpm.conf for example which I want to avoid.
question
What would be the best solution to prevent opening such static files without having custom locations like
location ~ \.(md|conf)$ {deny all;}
nginx.conf
worker_processes 1;
daemon off;
worker_rlimit_nofile 8192;
pid /tmp/nginx.pid;
user nginx;
error_log stderr;
events {
worker_connections 4096;
}
http {
client_body_temp_path /tmp/client_body_temp_path;
proxy_temp_path /tmp/nginx-proxy-temp-path;
fastcgi_temp_path /tmp/fastcgi_temp_path;
include .nginx/mime.types;
include .nginx/proxy.conf;
include .nginx/fastcgi.conf;
index index.php;
log_format client_logs
'$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
default_type application/octet-stream;
tcp_nodelay on;
sendfile on;
tcp_nopush on;
server_names_hash_bucket_size 128;
keepalive_timeout 120;
port_in_redirect off; # Ensure that redirects don't include the internal container PORT - 8080
gzip on;
server {
server_name localhost;
listen 8080;
access_log /dev/stdout client_logs;
error_log /dev/stderr;
root /legacy/app;
index index.php;
error_page 500 502 503 504 /50x.html;
# do not list us in search engines
location = /robots.txt {
add_header Content-Type text/plain;
return 200 "User-agent: *\nDisallow: /\n";
access_log off;
log_not_found off;
}
location ~ ^/(images|javascript|js|css|fonts|static|assets)/ {
root /legacy/app/;
expires 30d;
add_header Cache-Control public;
access_log off;
}
location ~ \.php$ {
root /legacy/app;
fastcgi_pass 127.0.0.1:9000;
fastcgi_read_timeout 600s;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
}
}
}
What try_files does is look for the file in the order you specify and the last argument is the fallback url.
So basically try_files $uri $uri/ /index.php?$query_string; looks for file $url and serves it if it exists. Then it looks for directory $url/ and serves it if it exists. If both the file and directory does not exist, it will fallback to the php file.
So if going by this approach you can try something like this:
location / {
try_files _ /index.php?$query_string;
}
This will look for a file with name _ which should not exist in your document root and will issue an internal redirect to index.php.
You can also set status code like this:
location / {
try_files _ =403;
}
I am trying to set the slimframework on nginx webserver. Below is my current settings. I am using the slim/slim-skeleton. Whenever I run e.g. http://myip/apiv1 it points to the index.php in /var/www/html. Even I run anything example http://myip/apiv1/token its the same as above. I tried changing the root /var/www/html/apiv1/public; to alias /var/www/html/apiv1/public; its the same. What else does nginx require any special settings.
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server_tokens off;
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/blockuseragents.rules;
limit_conn_zone $binary_remote_addr zone=addr:5m;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
#root /usr/share/nginx/html;
root /var/www/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
try_files $uri $uri/ index.php?$query_string;
}
location /apiv1 {
root /var/www/html/apiv1/public;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
if ($request_method !~ ^(GET|HEAD|POST)$) {
return 444;
}
limit_conn addr 1;
}
I'm fairly new to Linux and I'm having a little trouble setting up my web server... I am using LEMP with Varnish and phpMyAdmin. The server is running and I can access phpMyAdmin over https etc. Now I'm trying to setup Wordpress on another directory using the include /directory/*.conf; however it doesn't seem to load the file(s). It will only load the default directory set in nginx.conf
Here's my nginx.conf,
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
include /etc/nginx/v-hosts/*.conf;
index index.php index.html index.htm;
server {
listen 127.0.0.1:8080;
root /usr/share/nginx/html;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/stolenmx.com/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /srv/www/;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 443;
client_max_body_size 80M;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
location ~* ^/phpMyAdmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ { root /usr/share/;
}
location ~ \.php$ {
root /usr/share/nginx/html;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
}
}
And here's my file i'm trying to load for wordpress,
server {
server_name stolenmx.com;
listen 8080;
access_log /var/log/nginx/stolenmx.com-access.log;
error_log /var/log/nginx/stolenmx.com-error.log;
root /srv/www/stolenmx.com;
location / {
index index.php;
}
# Disable favicon.ico logging
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Allow robots and disable logging
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Enable permalink structures
if (!-e $request_filename) {
rewrite . /index.php last;
}
# Handle php requests
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/stolenmx.com$fastcgi_script_name;
}
# Disable static content logging and set cache time to max
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
# Deny access to htaccess and htpasswd files
location ~ /\.ht {
deny all;
}
}
I have included this files directory in nginx.conf "include /etc/nginx/v-hosts/*.conf;" but for some reason it's not loading it and won't point the server_name to /srv/www/ ?
Does anyone have any suggestions as to why it won't load additional server.conf ?
I can drag the wordpress install into /usr/share/nginx/html and it works but then I can't have any more than one server. I think it's something to do with my nginx.conf but not sure what to change / add?
Regards Crafty
Before changes can affect you need to restart/reload your nginx, in CentOS it's done by running:
/etc/init.d/nginx restart
(If you are not root use sudo)
You are requiring that all your included files will be suffixed with '.conf', please make sure your file has this extension. Last thing, you configured your Wordpress server to listen on 8080, did you checked on this port?
To make a long story short, I have an osCommerce installation that has been running on an Apache server for years using osCommerce's "Search Engine Friendly links" so that the links look like product_info.php/products_id/26 instead of product_info.php?products_id=26.
Well, now I've moved to an Nginx server with PHP5 and the Search Engine Friendly links just won't work for me now. BUT I have links all across the web pointing to my shop using the "friendly" links, so I have to figure out a way to redirect any url that is like this:
product_info.php/products_id/26
into this
product_info.php?products_id=26
and
index.php/cPath/19
into
index.php?cPath=19
and
product_info.php/cPath/19/products_id/207
into
product_info.php?cPath=19&products_id=207
Anyone good with Nginx rewrite rules, or who knows how to make the osCommerce built-in SEO urls work with Nginx? The osCommerce urls don't require any htaccess rewrite rules; it looks like it's all taken care of using PHP code.
nginx.conf:
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
server_names_hash_bucket_size 10240;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-available/*.vhost;
}
site.com.vhost:
server {
listen *:80;
server_name site.com www.site.com;
root /var/www/clients/client23/web5/web;
index index.php index.html index.htm;
#location ~ \.shtml$ {
# ssi on;
#}
error_log /var/log/ispconfig/httpd/site.com/error.log;
access_log /var/log/ispconfig/httpd/site.com/access.log combined;
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /stats {
index index.html index.php;
auth_basic "Members Only";
auth_basic_user_file /var/www/clients/client23/web5/web/stats/.htpasswd_stats;
}
location ^~ /awstats-icon {
alias /usr/share/awstats/icon;
}
location ~ \.php$ {
try_files /5lbe4fd76b7f89.htm #php;
}
location #php {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass unix:/var/lib/php5-fpm/web2.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
# Static Contents
location ~* ^.+.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires 1y;
}
# CSS and JS
location ~* ^.+.(css|js)$ {
access_log off;
log_not_found off;
}
server_tokens off;
error_page 400 /400.php;
error_page 401 /401.php;
error_page 403 /403.php;
error_page 404 /404.php;
error_page 405 /405.php;
error_page 500 /500.php;
error_page 502 /502.php;
error_page 503 /503.php;
recursive_error_pages off;
fastcgi_intercept_errors on;
# Inaccessible locations
location ~ ^/includes/.*\.php$ { return 404; }
location ~ ^/administrator/includes/.*\.php$ { return 404; }
location ^~ /administrator/backups { return 404; }
location ^~ /download { return 404; }
location ^~ /cgi-bin { return 404; }
location ^~ /mail { return 404; }
location ^~ /pub { return 404; }
location ^~ /sql { return 404; }
location ^~ /temp { return 404; }
location ~ /\. { deny all; access_log off; log_not_found off; }
location ~ \.(tpl|log|sql)$ {deny all; access_log off; log_not_found off; }
location / {
#if (!-e $request_filename) { rewrite ^(.*)$ /index.php; }
fastcgi_pass unix:/var/lib/php5-fpm/web2.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
rewrite ^/(.*)-(.*).html$ /index.php?cPath=$2&$query_string;
rewrite ^/(.*)-m-([0-9]+).html$ /index.php?manufacturers_id=$2&$query_string;
rewrite ^/(.*)-pi-([0-9]+).html$ /popup_image.php?pID=$2&$query_string;
rewrite ^/(.*)-t-([0-9]+).html$ /articles.php?tPath=$2&$query_string;
rewrite ^/(.*)-a-([0-9]+).html$ /article_info.php?articles_id=$2&$query_string;
rewrite ^/(.*)-pr-([0-9]+).html$ /product_reviews.php?products_id=$2&$query_string;
rewrite ^/(.*)-pri-([0-9]+).html$ /product_reviews_info.php?products_id=$2&$query_string;
rewrite ^/(.*)-i-([0-9]+).html$ /information.php?info_id=$2&$query_string;
}
location /administrator/ {
auth_basic "Members Only";
auth_basic_user_file /var/www/clients/client23/web5/web/administrator/.htpasswd;
location ~ \.php$ {
try_files /wj70wjksdkj2jiejlsjdslj.htm #php;
}
}
}
Here we go:
rewrite "^/product_info.php/products_id/(\d+)" /product_info.php?products_id=$1 permanent;
rewrite "^/index.php/cPath/(\d+)" /index.php?cPath=$1 permanent;
rewrite "^/product_info.php/cPath/(\d+)/products_id/(\d+)" /product_info.php?cPath=$1&products_id=$2 permanent;