Magento Wordpress Nginx Configuration - wordpress

I have a Magento shop at http://example.com and I want to keep a Wordpress blog at http://example.com/blog.
I have installed the blog and everything seems to be fine but when am logging to Wp-Admin am getting 404 for css and js files due to which dashboard is looking very ugly.
Am I doing any mistake? am attaching my nginx config file
##################################################################################
#
# example.com
#
##################################################################################
server {
listen 80;
server_name example.com ;
#charset koi8-r;
#access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
location / {
root /usr/share/nginx/html/mebozo-magento.mebozo.com;
try_files $uri $uri/ #handler; ## If missing pass the URI to Magento's front handler
index index.php index.html index.htm;
}
location /blog {
root /usr/share/nginx/html/mebozo-magento.mebozo.com/blog;
try_files $uri $uri/ /blog/index.php;
index index.php index.html index.htm;
rewrite ^.*/files/(.*) /wp-includes/ms-files.php?file=$2;
rewrite ^.*/wp-admin(.*) $1wp-admin/;
}
location ~* ^.+\.(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$
{
root /usr/share/nginx/html/mebozo-magento.mebozo.com/blog;
rewrite ^/.*(/.*\.(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js))$ $1 last;
rewrite ^.*/files/(/.*(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js))$/wp-includes/ms-files.php?file=$1 last;
expires 30d;
break;
}
## These locations would be hidden by .htaccess normally
#location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
#expires 1y;
#log_not_found off;
#}
location ~ .php/ {
## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
################For Foomen Speedster###############
#rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
# rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
# location /lib/minify/ {
# allow all;
# }
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
#############gzip###########
gzip on; # use gzip compression
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_proxied any; # enable proxy for the fcgi requests
gzip_types text/plain text/css application/x-javascript text/javascript application/json;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
location #handler { ## Magento uses a common front handler
rewrite / /index.php;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
# if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
root /usr/share/nginx/html/mebozo-magento.mebozo.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/mebozo-magento.mebozo.com$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}

I will attempt to solve this puzzle by suggesting that we clean up your nginx config file. Your */files/ rewrites look to be problematic to me.
Without knowing what your nginx.conf file looks like OR what your http {block} looks like, I will assume that it is pretty clean and that you are handling your global settings like gzip types, ssl protocols and ciphers, and additional headers, etc. there. I know that you included your gzip on in your file but sometimes duplicate that in server not realizing it is already set a layer above... if not add your gzip back in as necessary. All that said, after reading your conf file completely and I would suggest rewriting it to something like this:
(Note: the new URI level location and the #rewrites, and the removal of redundant root path definitions.)
server {
listen 80;
listen [::]:80;
## SSL CONFIGURATION (can be done here in same file)
#listen 443 ssl http2;
#listen [::]:443 ssl http2;
#ssl_certificate /etc/nginx/ssl/cert_chain.crt;
#ssl_certificate_key /etc/nginx/ssl/star_example.com.priv.key;
# domain name
server_name example.com www.example.com;
# doc root
root /usr/share/nginx/html/mebozo-magento.mebozo.com;
## Logs per vhost
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log warn;
## This can also be set in your http block and if it is, it's not needed here.
index index.php index.html index.htm;
# Adjust upload max file size settings
# This value should match your PHP.ini config settings for upload_max_filesize
client_max_body_size 50M; # allows file uploads up to 50 megabytes
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
## Main Magento location
location / {
try_files $uri $uri/ #rewrite;
}
# Your blog location
location /blog/ {
try_files $uri $uri/ #rewrite_blog;
}
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx;
}
## These locations are protected
location ~ /(app|downloader|includes|pkginfo|var|errors/local.xml)/ {
deny all;
}
## Images
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
access_log off;
add_header ETag "";
}
location =/js/index.php/x.js {
rewrite ^(.*\.php)/ $1 last;
}
# rewrites
location #rewrite {
rewrite / /index.php?$args;
}
location #rewrite_blog {
rewrite /blog/ /blog/index.php?$args;
}
## Execute PHP scripts
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
## Store code with multi store/domain magento instance
#fastcgi_param MAGE_RUN_CODE $mage_code;
#fastcgi_param MAGE_RUN_TYPE $mage_type;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.sh$|\.txt$|\.htaccess$|\.git|\.sample$|mage$) {
deny all;
}
}

Related

Yii2 after server change can't authenticate via query param auth

I upgraded my Yii2 application version to the latest - 2.0.46 and changed server from apache to Nginx and now I can't make API GET request from my application using query param auth Given error below
<response>
<name>Unauthorized</name>
<message>Your request was made with invalid credentials.</message>
<code>0</code>
<status>401</status>
<type>yii\web\UnauthorizedHttpException</type>
</response>
My API controller looks like this
public function behaviors(): array
{
$behaviors = parent::behaviors();
$behaviors['authenticator'] = [
'class' => CompositeAuth::class,
'authMethods' => [
QueryParamAuth::class,
]
];
$behaviors['language'] = [
'class' => LanguageSelector::class
];
return $behaviors;
}
I read that similar problem people had with apache servers and editing .htaccess helped, but what about Nginx? Or maybe problem is with new Yii2 version!?
API call example that I am making - examplesite/api/controller/method/?access-token=myaccesstoken&id=myID&lang=lv-LV
As my application is using only get requests, old version and new version uses same DB and on old version API call like example given (with good data) works fine. Can enyone help me?
UPDATE: Nginx config
server {
listen 443 ssl;
# server_name exsampleserver;
server_name exampleserverIP
# add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
ssl_certificate /etc/nginx/ssl/certdomainexample.crt;
ssl_certificate_key /etc/nginx/ssl/certdomainexample.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
access_log /var/log/nginx/app.log upstream_time;
error_log /var/log/nginx/app-ssl.error.log notice;
root /srv/www/web/frontend/web;
index index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /api/ {
try_files $uri $uri/ /api/index.php?query_string;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass unix:/run/php/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_read_timeout 1200;
fastcgi_send_timeout 1200;
fastcgi_connect_timeout 1200;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_pass_header Authorization;
}
location ~ /\.ht {
deny all;
}
location ~ /\.git {
deny all;
}
}
With a help from tech group we founded that working with symlinks in Nginx config $query_params wont work.
So instead of
location /api/ {
try_files $uri $uri/ /api/index.php?query_string;
}
need to add
location /api/ {
try_files $uri $uri/ /api/index.php$is_args$args;
}
into Nginx config
Directory structure:
examplesite:
- api
+ models
+ controllers
+ web
- backend
+ models
+ controllers
+ web
+ common
+ console
- frontend
+ models
+ controllers
+ web
+ vendor
+ composer.json
Nginx config for Yii2 advanced app
This config will allow you to use fallowing domain rules:
examplesite.test/api - api folder app
examplesite.test/admin - backend folder app
examplesite.test/ - frontend folder app
Disclaimer
Use this config only in test environments and if you know how nginx works. For production sites better ask for a specialist help.
server {
#listen *:443 ssl http2;
listen *:80;
server_name examplesite.test;
#include /etc/nginx/ssl-snippets/ssl-snippet.conf;
# LOGS - config
access_log /var/log/nginx/examplesite.access.log;
error_log /var/log/nginx/examplesite.error.log;
# NGINX - config (sizes, charset, caching, ...)
client_max_body_size 32m;
client_body_buffer_size 32m;
charset utf-8;
gzip on;
gzip_types
text/plain
text/css
text/xml
application/xml
application/xml+rss
text/javascript
application/json
application/x-javascript
application/javascript;
# BASE ROOT DIRECTORY for Yii advanced app setup. Default must be the path to your app composer.json. Let suppose it in /var/www/examplesite
set $base_root /var/www/examplesite;
# BASE PHP-FPM SOKET - this is passed to nginx fastcgi_pass, uncoment or add needed version
set $php_server unix:/run/php/php7.4-fpm.sock;
#set $php_server unix:/run/php/php8.0-fpm.sock;
#set $php_server unix:/run/php/php8.1-fpm.sock;
root $base_root;
index index.php index.html;
# FRONTEND APP - location config
location / {
root $base_root/frontend/web;
try_files $uri $uri/ /frontend/web/index.php$is_args$args;
# omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
expires 365d;
log_not_found off;
access_log off;
try_files $uri =404;
}
location ~ ^/assets/.+\.php(/|$) {
deny all;
}
}
# API APP - location config
location /api {
root $base_root/api/web/;
# redirect to the URL without a trailing slash (uncomment if necessary)
#location = /api/ {
# return 301 /api;
#}
location = /api {
try_files $uri /api/web/index.php$is_args$args;
}
# omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/api/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
rewrite ^/api(/.+)$ $1 break;
log_not_found off;
access_log off;
try_files $uri =404;
}
location ~ ^/api/assets/.+\.php(/|$) {
deny all;
}
try_files $uri $uri/ /api/web/index.php$is_args$args;
}
# BACKEND APP - location config
location /admin {
root $base_root/backend/web/;
# redirect to the URL without a trailing slash (uncomment if necessary)
#location = /admin/ {
# return 301 /admin;
#}
# prevent the directory redirect to the URL with a trailing slash
location = /admin {
try_files $uri /backend/web/index.php$is_args$args;
}
# omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/admin/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
rewrite ^/admin(/.+)$ $1 break;
log_not_found off;
access_log off;
try_files $uri =404;
}
location ~ ^/admin/assets/.+\.php(/|$) {
deny all;
}
# if your location is "/backend", try use "/backend/backend/web/index.php$is_args$args"
# bug ticket: https://trac.nginx.org/nginx/ticket/97
try_files $uri $uri/ /backend/web/index.php$is_args$args;
}
# PHP FILES HANDLE
location ~ ^/.+\.php(/|$) {
rewrite (?!^/((frontend|api|backend)/web|api|admin))^ /frontend/web$uri break;
rewrite (?!^/api/web)^/api(/.+)$ /api/web$1 break;
rewrite (?!^/backend/web)^/admin(/.+)$ /backend/web$1 break;
fastcgi_pass $php_server;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $fastcgi_script_name =404;
}
# OTHER LOCATIONS AND RESTRICTIONS
location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }
location ~* /\. { access_log off; log_not_found off; deny all; }
}

Yii2 Advanced Template on Nginx Elastic Beanstalk

I'm trying to launch my Yii2-advanced project on AWS' Elastic Beanstalk stack running an nginx server. I have been unable figure out a configuration that allows me to access the backend of the site. I have tried extending the nginx configuration via the AWS documentation:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/platforms-linux-extend.html
Which does not work. So I modify the configuration manually via vim from the command line.
While using combinations of the following configuration settings:
https://www.yiiframework.com/wiki/799/yii2-app-advanced-on-single-domain-apache-nginx
To no avail. I have tried alias and root for the backend folder and each variation I get either a 404 (file not found) or 502 (bad gateway) error.
At bare minimum, this is what I've tried to add to my nginx configuration:
root /var/www/html/frontend/web;
index index.php index.html index.htm;
location /backend/ {
root ../../backend/web;
}
What am I doing wrong?
Here you can see a fully working yii2 advanced app example nginx configuration. You can change it to match your needs.
App server:
mycoolapp.com
nginx
php7.4-fpm
Routes:
http://mycoolapp.com -- frontend
http://mycoolapp.com/admin -- backend
http://mycoolapp.com/api -- api
Nginx configuration:
server {
## Listen ports config
listen *:80 http2;
#listen *:443 ssl http2;
## Site name config
server_name mycoolapp.com;
## SSL config (uncomment if necessary)
#include /etc/nginx/ssl-snippets/ssl-snippet.conf;
## Access and error log files path
access_log /var/log/nginx/mycoolapp.com.access.log;
error_log /var/log/nginx/mycoolapp.com.error.log;
## Max upload size config
client_max_body_size 32m;
client_body_buffer_size 32m;
charset utf-8;
## Gzip config
gzip on;
gzip_types
text/plain
text/css
application/json
application/x-javascript
text/xml
application/xml
application/xml+rss
text/javascript
application/javascript;
## Path to app root (folder that contains frontend and backend folders)
set $base_root /var/www/html/mycoolapp;
root $base_root;
index index.php index.html;
## Frontend app config
## Entry point: https://mycoolapp.com
location / {
# Path to frontend web folder
root $base_root/frontend/web;
try_files $uri $uri/ /frontend/web/index.php$is_args$args;
## Omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
expires 365d;
log_not_found off;
access_log off;
try_files $uri =404;
}
## Deny any php file in assets folder (security)
location ~ ^/assets/.+\.php(/|$) {
deny all;
}
}
## Backend app config
## Entry point: https://mycoolapp.com/admin
location /admin {
## Path to backend web folder
root $base_root/backend/web/;
## Redirect to the URL without a trailing slash (uncomment if necessary)
#location = /admin/ {
# return 301 /admin;
#}
## Prevent the directory redirect to the URL with a trailing slash
location = /admin {
try_files $uri /backend/web/index.php$is_args$args;
}
## Omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/admin/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
rewrite ^/admin(/.+)$ $1 break;
log_not_found off;
access_log off;
try_files $uri =404;
}
## Deny any php file in assets folder (security)
location ~ ^/admin/assets/.+\.php(/|$) {
deny all;
}
try_files $uri $uri/ /backend/web/index.php$is_args$args;
}
## API app config
## Entry point: https://mycoolapp.com/api
location /api {
root $base_root/api/web/;
## Redirect to the URL without a trailing slash (uncomment if necessary)
#location = /api/ {
# return 301 /api;
#}
location = /api {
try_files $uri /api/web/index.php$is_args$args;
}
## Omit static files logging, and if they don't exist, avoid processing by Yii (uncomment if necessary)
location ~ ^/api/.+\.(css|less|js|map|ico|png|jpe?g|gif|webp|svg|eot|ttf|woff|woff2|mp4|mov|swf|txt|pdf)$ {
rewrite ^/api(/.+)$ $1 break;
log_not_found off;
access_log off;
try_files $uri =404;
}
## Deny any php file in assets folder (security)
location ~ ^/api/assets/.+\.php(/|$) {
deny all;
}
try_files $uri $uri/ /api/web/index.php$is_args$args;
}
## PHP configuration
location ~ ^/.+\.php(/|$) {
## Rewrites
rewrite (?!^/((frontend|api|backend)/web|api|admin))^ /frontend/web$uri break;
rewrite (?!^/api/web)^/api(/.+)$ /api/web$1 break;
rewrite (?!^/backend/web)^/admin(/.+)$ /backend/web$1 break;
## FPM config
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $fastcgi_script_name =404;
}
## Logging and access of restricted folders
location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }
location ~* /CHANGELOG { access_log off; log_not_found off; deny all; }
location ~* /LICENSE { access_log off; log_not_found off; deny all; }
location ~* /README { access_log off; log_not_found off; deny all; }
location ~* /\. { access_log off; log_not_found off; deny all; }
}

Redirect localhost to https nginx magento

I am running a magento website on my localhost and want to redirect it to https so that service workers can get registered. my conf file is
upstream php-handler {
server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
listen *:443 ssl;
server_name mytestsite.com;
ssl_certificate /etc/nginx/ssl/wildcard.chained.crt;
ssl_certificate_key /etc/nginx/ssl/somekey.key;
return 301 https://$server_name$request_uri;
# Path to the root of your installation
root /home/webstack/magento;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) {
#deny all;
}
location / {
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
#try_files $uri $uri/ index.php;
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php(?:$|/) {
try_files $uri $uri/ /index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
#fastcgi_param HTTPS on;
fastcgi_pass php-handler;
}
# Optional: set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
when i restart the nginx server and type the address https://mytestsite.com it says
The mytestsite.com page isn’t working
mytestsite.com redirected you too many times.
I've tried clearing the cache and cookies but its still the same.
can anyone tell me what is wrong with the conf file?
Thanks in advance.
Delete this line
return 301 https://$server_name$request_uri;
and set unsecure and secure links on magento admin panel(System>Configuration>Web)
Base URL = https://mytestsite.com
Base Link URL = https://mytestsite.com
Base Skin URL = https://mytestsite.com
Base Media URL = https://mytestsite.com
Base JavaScript URL = https://mytestsite.com

Nginx: Automatic sub-domain creation if a folder exists

I have this folder: /home/sites/dev/
Nginx serves the content of this folder if I visit "domain.com"
But, let's say that if I create a folder inside this folder, for example "wp-test", I want nginx to serve this folder if I visit "wp-test.domain.com"
It seems like "ianc" made it work on his blog post, but I can't get it to work.
Here's my config so far for nginx:
server {
listen 80;
server_name www.ilundev.no;
root /home/sites/dev;
}
server {
listen 80;
server_name ~^(.*)\.ilundev\.no$;
if (!-d /home/sites/dev/ilundev.no/public/$1) {
rewrite . http://www.ilundev.no/ redirect;
}
root /home/sites/dev/$1;
}
server {
listen 80;
server_name ilundev.no;
rewrite ^/(.*) http://www.ilundev.no/$1 permanent;
}
I made it work!
First thing first. I had an error in my config.
The line
if (!-d /home/sites/dev/ilundev.no/public/$1) {
was wrong, and should be
if (!-d /home/sites/dev/$1) {
And, I had to set up a wildcard entry to my domain, at my domain provider.
The entry looked like "*.ilundev.no" and I used the "A" option - and it worked!
Updated and optimized config:
This will work as long as the DNS at your domain provider properly sets "*.dev" in a subdomain for your domain, with the "A" option - and the IP of your server.
server {
listen 80;
server_name dev.ilun.no www.dev.ilun.no;
root /home/sites/dev;
}
server {
listen 80;
server_name ~^(.*)\.dev.ilun\.no$;
if (!-d /home/sites/dev/$1) {
rewrite . http://dev.ilun.no/ redirect;
}
root /home/sites/dev/$1;
}
However, now I'm stuck trying to make the server run php code in such a subdomain.
server {
listen 80;
server_name ~^(?<branch>.*)\.example\.com;
root /var/www/$branch/public;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_log /var/log/nginx/$branch.example.com.error.log error;
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-fpm:9000;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}

Nginx block for multiple domains to redirect all traffic to https?

I have a web server running nginx 1.6 with one IP address and hosting www.domainname.com as well as dev.domainname.com.
I'm trying to find a smart way to route all http traffic to https and I want to make sure that my default server is the 'www' live version of the time. So the end goal is that unless the user specifies https://dev.domainname.com they will be redirected to https://www.domainname.com.
My nginx.conf setup is configured to include for '/etc/nginx/etc/sites-enabled/*'. So my configuration example is located at 'etc/nginx/sites-enabled/www.domainname.com'.
So my question is there a better way to handle this type of setup?
# redirect all non https
server {
# all traffic should be over https
listen 80 default;
# listen for all server names
server_name *.domainname.com;
# redirect to www with https
return 301 $scheme://www.domainname.com$request_uri;
}
# configuration for the non-www redirect
server {
# non-www server name
server_name domainname.com;
# return to www
return 301 $scheme://www.domainname.com$request_uri;
}
# configuration for the live website
server {
# configuration for all https sites
listen 443 default_server ssl;
ssl on;
# www server name
server_name www.domainname.com;
# root to public directory
root /path/to/www.domainname.com/public;
# ssl certificates
ssl_certificate /etc/nginx/ssl/www.domainname.com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/www.domainname.com/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
# error logs for www site
error_log /var/log/nginx/www.domainname.com-error.log error;
}
# configuration for the dev site
server {
# dev server name
server_name dev.domainname.com;
# root to public directory
root /path/to/dev.domainname.com/public;
# ssl certificates - using multi domain ssl
ssl_certificate /etc/nginx/ssl/www.domainname.com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/www.domainname.com/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
# error logs for dev site
error_log /var/log/nginx/dev.domainname.com-error.log error;
}

Resources