I have a wordpress site with the configuration below:
ian#ianhobson:/etc/nginx/sites-enabled$ cat thecoachmasternetwork
# Statements for thecoachmasternetwork.com
#
# rewrites of http to https at bottom of file
server {
server_name thecoachmasternetwork.com www.thecoachmasternetwork.com;
listen 80;
fastcgi_read_timeout 300;
root /var/www/thecoachmasternetwork/htsecure;
index index.php;
fastcgi_index index.php;
access_log /var/log/nginx/thecoachmasternetwork.access.log;
# error_log /var/log/nginx/error.log;
#
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ \.user\.ini$ {
deny all;
}
# disallow hot linking to images
location ~ .(gif|png|jpg|jpeg)$ {
valid_referers none blocked thecoachmasternetwork.com www.thecoachmasternetwork.com;
if ($invalid_referer) {
return 403;
}
}
# serve static files that exist
location / {
try_files $uri $uri/ /index.php?$args;
}
# send .php files to fastcgi if file exists
location ~ \.php$ {
# Zero-day exploit defence - http://forum.nginx.org/read.php?2,88845,page=3
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root#fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include /etc/nginx/fastcgi.conf;
fastcgi_pass 127.0.0.1:9000;
}
}
# redirects from http -> https
#server {
# if ($host = www.thecoachmasternetwork.com) {
# return 301 https://$host$request_uri;
# } # managed by Certbot
# if ($host = thecoachmasternetwork.com) {
# return 301 https://$host$request_uri;
# } # managed by Certbot
# server_name thecoachmasternetwork.com www.thecoachmasternetwork.com;
# listen 80;
# return 404; # managed by Certbot
#}
ian#ianhobson:/etc/nginx/sites-enabled$
I can't find a rewrite, or a return 301.
However when I request the root, or when I request /index.php, the access log shows a 301 redirect to another site on my server. This is NOT the default_site, nor is it the first site. Those have been set up in nginx.conf before the inclusion of sites-enabled/*. However on port 80 only.
I suspect its a problem with certbot's certificates, (which is why I have switched it to port 80, soI can start them again). The site redirected to, is on https, and appears to be fine.
Other information that might be useful. /license.txt is served correctly. A .php file containing <php phpinfo() /php> produces what is expected. I can see nothing strange in it. I have poked about in the WP files, and can see nothing strange there, but it is a hideously complicated site.
There is nothing in the error.log.
So what is happening?
Turns out that wordpress has two lines in the ???options table, that define the URL of the siteurl and the home page. I had not changed these, and it was wordpress that was issuing the 301.
Related
Im trying to move a drupal site I started on my localhost to a server at home. The database is both exported from my localhost and stored on the server.
The content of the nginx.conf file is as follows
events {
worker_connections 768;
# multi_accept on;
}
http{
server {
listen 443 ssl;
######## S S L CONFIGURATIONS ##################
ssl_certificate /etc/ssl/Nov2021/STAR_site.edu.co.crt;
ssl_certificate_key /etc/ssl/Nov2021/site.edu.co.key;
access_log /var/log/nginx/KNH_nginx.vhost.access.log;
error_log /var/log/nginx/KNH_nginx.vhost.error.log;
root /var/www/html/arctic_kittiwake;
index index.php index.html index.htm;
###################################################
server_name site.edu.co
location / {
#try_files $uri $uri/ /index.php?q=$uri&$args;
try_files $uri /index.php?q=$uri$args;
}
location /site/ {
if (!-e $request_filename){
rewrite ^/site/(.*)$ /site/index.php break;
}
}
location ~ \.php$ {
fastcgi_index index.php;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
}
}
The directory where this file is stored is the /etc/nginx and the drupal site is stored in the /var/www/html/arctic_kittiwake/ directory.
I also have php7.4-fpm and mariadb-10.3 installed.
You are missing connection with php-fpm.
Example:
# In Drupal 8, we must also match new paths where the '.php' appears in
# the middle, such as update.php/selection. The rule we use is strict,
# and only allows this pattern with the update.php front controller.
# This allows legacy path aliases in the form of
# blog/index.php/legacy-path to continue to route to Drupal nodes. If
# you do not have any paths like that, then you might prefer to use a
# laxer rule, such as:
# location ~ \.php(/|$) {
# The laxer rule will continue to work if Drupal uses this new URL
# pattern with front controllers other than update.php in a future
# release.
location ~ '\.php$|^/update.php' {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
# Ensure the php file exists. Mitigates CVE-2019-11043
try_files $fastcgi_script_name =404;
# Security note: If you're running a version of PHP older than the
# latest 5.3, you should have "cgi.fix_pathinfo = 0;" in php.ini.
# See http://serverfault.com/q/627903/94922 for details.
include fastcgi_params;
# Block httpoxy attacks. See https://httpoxy.org/.
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
# PHP 5 socket location.
#fastcgi_pass unix:/var/run/php5-fpm.sock;
# PHP 7 socket location.
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
Full example is here https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/
I would like to know how I can have several sites on Nginx and be able to access each of them with the same IP (without the domain, since I am doing tests in a laboratory locally).
I have the server on a separate PC and I access it remotely from my computer using the IP. Both are on the same LAN.
In the directory /var/www/ I have two sites 'nextcloud' and 'phpmyadmin'. I would like to be able to enter both by placing (for example) 192.168.1.14/nextcloud and 192.168.1.14/phpmyadmin. Or having any other project in the www directory.
I tried all the solutions I found, but none of them worked for me. When I enter phpmyadmin for example, it gives me to download the page instead of entering it.
Within /etc/nginx/sites-enabled I have the two files, one from nextcloud:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/nextcloud/;
index index.php index.html index.htm;
server_name localhost;
client_max_body_size 512M;
fastcgi_buffers 64 4K;
location / {
root /var/www/nextcloud;
rewrite ^ /index.php$request_uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}
And that of phpmyadmin:
server {
listen 80;
listen [::]:80;
root /var/www/phpmyadmin/;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
}
Try creating two test folders in /var/www/ (test1 and test2), each with an index.html file inside and modifying the nginx default file, but it didn't work for me either
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
index index.html;
location / {
return 410; # Default root of site won't exist.
}
location /test1/ {
alias /var/www/test1/;
try_files $uri $uri/ =404;
# any additional configuration for non-static content
}
location /test2/ {
alias /var/www/test2/;
try_files $uri $uri/ =404;
# any additional configuration for non-static content
}
}
As I said, I tried different solutions. Another problem I had was that it only redirected me to nextcloud, although I put phpmyadmin in the url. And the previous one that I already mentioned, that when I enter, download the index.php. Thank you.
Sorry for my English.
Simple add nextcloud.my and phpmyadmin.my to your .hosts file and listen domain name in Nginx.
The option that you proposed can also be made to work, but it is full of bugs and difficulties can occur during the transfer to work server.
I've been Googling this for a while but can't seem to find a solution.
At the moment I have a config file setup on Nginx to send all requests regardless of file extension to a single index.php file. However, it ignores requests ending with .php and will throw a 404 if it's not there or, try to execute it if it is.
How can I configure Nginx to send .php requests to the index.php file too so I can use it to handle all file requests, not just non-PHP files?
My config file currently looks like the following:
server {
listen 80;
listen 443;
ssl on;
ssl_certificate /somecrt.crt;
ssl_certificate_key /somekey.key;
root /sites/;
index index.php;
server_name somesite.net;
access_log /sites/logs/access.log;
error_log /sites/logs/error.log;
location ~ /\. { deny all; }
location / {
# First attempt to serve request as file, then
# as directory then fall back to index.php
try_files $uri $uri/ /index.php?$args;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location ~ \.php$ {
try_files $uri /index.php?$args =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
}
}
After some more Googling "nginx: Map single static URL to a PHP file" helped me figure out the solution. So the new config is now:
server {
listen 80;
listen 443;
ssl on;
ssl_certificate /somecrt.crt;
ssl_certificate_key /somekey.key;
root /sites/;
index index.php;
server_name somesite.net;
access_log /sites/logs/access.log;
error_log /sites/logs/error.log;
location ~ /\. { deny all; }
location / {
include fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
}
}
With this config, all requests will be sent to the single index.php.
Of course, this will include static files such as image files which will probably impact Nginx server performance. In that case, you might want to add another location block before it if you want to exclude certain kind of requests.
For example, to exclude jpgs and gifs:
location ~ \.(jpg|gif) {
try_files $uri =404;
}
I have some troubles with nginx.
I created new project on Symfony3. Config.php says, that everything is good. dev_app.php - too.
But when I try to open site without any other route, like sitename.com nginx returns 403 error.
When I try to start symfnoy server (bin/console server:start) It's forbidden too.
sitename.com:8000 returns me fail to opening this page.
site-available config is
upstream phpfcgi {
server 127.0.0.1:8000;
}
server {
listen 80;
server_name localhost;
root /home/staging/www/web;
error_log /home/staging/logs/staging.error.log;
access_log /home/staging/logs/staging.access.log;
location / {
index app.php;
try_files $uri #rewriteapp;
}
location #rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
# pass the PHP scripts to FastCGI server from upstream phpfcgi
location ~ ^/(app|app_dev|config)\.php(/|$) {
fastcgi_pass phpfcgi;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}
I added new entity with crud, but any actions doesn't work.
I will be glad for any help. Thanks
Try to add
rewrite ^/app\.php/?(.*)$ /$1 permanent;
in the server section before any location sections (after the root /home/staging/www/web; line, for example).
I have 12 sites that I plan to run on a single server that has NGinx and php5-fpm on it. I set them all up using one server block per conf file, all included by the main nginx.conf file. It's a mix of Wordpress, PhpMyAdmin, and PHP sites. The wordpress and PhpMyAdmin sites are working fine, but the PHP sites are not. Meaning, when I pull up example.com, Chrome says connection refused, and there's no trace of an incoming connection on NGinx logs. test.example.com pulls up the default site(because I didn't configure test.example.com then) at the same time.
I copied the nginx configs from the working sites to set up the sites that are not working, but no luck. The only difference in nginx config between the working and non-working sites are the server_name directive.
After checking and rechecking for over 2 hours, I found out that the sites that have the server_name as pqr.example.com work, but the ones with example.com don't. All of the working sites are configured to use subdomain URLs, and that's probably why they're working.
My questions are -
1. What am I missing in the config to make the abc.com work ?
2. I have two sites, example.com and example.net that I'm trying to run on the same server. Is that going to be a problem for NGinx ?
3. Does Nginx have a problem with differentiating between example.com, test.example.com, and example.net ?
4. I also noticed that if www.example.net works, www.example.com doesn't and vice versa, which means I have to assign each site that has the name abc in it different subdomains like www.example.net and test.example.com. Is this a standard/expected behavior of Nginx, or am I missing something ?
5. All of my base URLs auto redirect from http://example.com to http://www.example.com; How do I find out where that redirect is happening ?
Below are the Nginx config files that I'm having problems with, truncated to include the important parts; Please let me know if more info is needed.
Main nginx.conf file -
user www-data www-data;
pid /var/run/nginx.pid;
worker_processes 4;
worker_rlimit_nofile 100000;
events {
worker_connections 4096;
include /etc/nginx.custom.events.d/*.conf;
}
http {
default_type application/octet-stream;
access_log off;
error_log /var/log/nginx/error.log crit;
.......
server_tokens off;
include proxy.conf;
include fcgi.conf;
include conf.d/*.conf;
include /etc/nginx.custom.d/*.conf;
}
include /etc/nginx.custom.global.d/*.conf;
Here is the full working .conf file for a blog that works. All other sites have this full config, since they are just basic PHP sites.
server {
listen *:80;
server_name blog.example.com;
access_log /var/log/nginx/blog-example.access.log;
error_log /var/log/nginx/blog-example.error.log;
root /var/www/example/blog;
index index.html index.htm index.php;
# This order might seem weird - this is attempted to match last if rules below fail.
location / {
try_files $uri $uri/ /index.php?$args;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires max;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~ [^/]\.php(/|$) {
# Zero-day exploit defense.
# http://forum.nginx.org/read.php?2,88845,page=3
# Won't work properly (404 error) if the file is not stored on this server, which is entirely possible with php-fpm/php-fcgi.
# Comment the 'try_files' line out if you set up php-fpm/php-fcgi on another machine. And then cross your fingers that you won't get hacked.
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_pass unix:/var/run/php-fcgi-blog-example-php-fcgi-0.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Here's the truncated .conf file for example.com
server {
listen *:80;
server_name example.com www.example.com test.example.com;
access_log /var/log/nginx/examplecom.access.log;
error_log /var/log/nginx/examplecom.error.log;
root /var/www/example/com;
index index.html index.htm index.php;
# This order might seem weird - this is attempted to match last if rules below fail.
location / {
try_files $uri $uri/ /index.php?$args;
}
........
location ~ [^/]\.php(/|$) {
......
fastcgi_index index.php;
include fcgi.conf;
fastcgi_pass unix:/var/run/php-fcgi-examplecom-php-fcgi-0.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Here's the truncated file for example.net
server {
listen *:80;
server_name example.net www.example.net test.example.net;
access_log /var/log/nginx/examplenet.access.log;
error_log /var/log/nginx/examplenet.error.log;
root /var/www/example/net;
index index.html index.htm index.php;
# This order might seem weird - this is attempted to match last if rules below fail.
location / {
try_files $uri $uri/ /index.php?$args;
}
........
location ~ [^/]\.php(/|$) {
......
fastcgi_index index.php;
include fcgi.conf;
fastcgi_pass unix:/var/run/php-fcgi-examplenet-php-fcgi-0.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Meaning, when I pull up example.com, Chrome says connection refused, and there's no trace of an incoming connection on NGinx logs. test.example.com pulls up the default site(because I didn't configure test.example.com then) at the same time.
Well, your server is listening. Chances are you haven't configured your DNS records correctly, or there is DNS caching. Set your host file to test this theory.