our backend for some reason puts request together with response.
like, when js sends post/get/whatever request with name=hello&pass=hell
the response from php should be {result:true}
but instead we are getting name=hello&pass=hell{result:true}
example screenshot
its 100% not js or php issue, we tested the same exact scripts on different server - no issues there.
server we are having issues with is running nginx, here is how config looks like. no idea where to search for the error
user www-data;
worker_processes auto;
worker_rlimit_nofile 65535;
pid /var/run/nginx.pid;
events {
worker_connections 100000;
multi_accept on;
}
http {
## Basic Settings ##
client_body_timeout 20s; # Use 5s for high-traffic sites
client_header_timeout 20s; # Use 5s for high-traffic sites
client_max_body_size 1024m;
keepalive_timeout 20s;
port_in_redirect off;
sendfile on;
server_names_hash_bucket_size 64;
server_name_in_redirect off;
server_tokens off;
tcp_nodelay on;
tcp_nopush on;
types_hash_max_size 2048;
## DNS Resolver ##
# If in China, enable the OpenDNS entry that matches your network connectivity (IPv4 only or IPv4 & IPv6)
# OpenDNS (IPv4 & IPv6)
#resolver 208.67.222.222 208.67.220.220 [2620:0:ccc::2] [2620:0:ccd::2];
# OpenDNS (IPv4 only)
#resolver 208.67.222.222 208.67.220.220;
# Google Public DNS (IPv4 & IPv6)
#resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];
# Google Public DNS (IPv4 only) [default]
resolver 8.8.8.8 8.8.4.4;
##
# Protect Dos
##
limit_req_zone $binary_remote_addr zone=dos:10m rate=4000r/s;
limit_req zone=dos burst=1000;
limit_req_status 503;
## MIME ##
include /etc/nginx/mime.types;
default_type application/octet-stream;
## Logging Settings ##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
## Gzip Settings ##
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 5;
gzip_disable "msie6";
gzip_min_length 256;
gzip_proxied any;
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/javascript
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/x-js
text/xml;
gzip_vary on;
# Proxy Settings
proxy_cache_path /tmp/engintron_dynamic levels=1:2 keys_zone=engintron_dynamic:20m inactive=10m max_size=500m;
proxy_cache_path /tmp/engintron_static levels=1:2 keys_zone=engintron_static:20m inactive=10m max_size=500m;
proxy_temp_path /tmp/engintron_temp;
## Virtual Host Configs ##
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name [censored];
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
server {
server_name brokenshit.[censored].com www.brokenshit.[censored].com;
root /var/www/html/Production;
index index.php;
rewrite ^/l/(.*)$ /lead_details.php?id=$1 last;
rewrite ^/cb/(.*)$ /lead_cob.php?id=$1 last;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
UPDATE
sending requests from postman to this server - no issues, normal response without any unnecessary strings
UPDATE 2
service php7.4-fpm restart helps for a short period of time
auto_prepend_file = none in php.ini helps for a short period of time
pfpinfo(); is indeed showing different auto_prepend_file, allow_url_include and disable_functions parameters each time you refresh the page
seems like changing listen from 9000 to 127.0.0.1:9000 in /etc/php/7.4/fpm/pool.d/www.conf solved the request in response issue
Related
My CSS and JS files are showing up as 404 / File Not Found. It is the "Laravel 404" page, not the "Nginx 404" page that is being shown, which makes me think it could be a Laravel issue, but I'm not sure. The rest of my site and the Laravel app in the sub-directory are working fine.
I have Nginx serving a regular PHP web site (PHP-FPM) from the default root at /
I also have Nginx serving a Laravel app from /todos/
But the images from under /todos/ (the Laravel app) are all showing up as 404. The file system location is /todos/public/css/ and /todos/public/js/ accordingly.
I'm guessing this is an Nginx issue, but I'm not sure. It might be a Laravel issue. Do I need to set a Route in /routes/web.php for css and js files in Laravel?
This is a pretty vanilla Bitnami Ubuntu install.
Here are my Nginx config files:
Contents of nginx.conf:
user daemon daemon;
worker_processes auto;
error_log "/opt/bitnami/nginx/logs/error.log";
pid "/opt/bitnami/nginx/logs/nginx.pid";
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2;
proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2;
fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2;
scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2;
uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2;
access_log "/opt/bitnami/nginx/logs/access.log";
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_proxied any;
gzip_vary on;
gzip_types text/plain
text/xml
text/css
text/javascript
application/json
application/javascript
application/x-javascript
application/ecmascript
application/xml
application/rss+xml
application/atom+xml
application/rdf+xml
application/xml+rss
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon
application/atom_xml;
gzip_buffers 16 8k;
add_header X-Frame-Options SAMEORIGIN;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS;
include "/opt/bitnami/nginx/conf/bitnami/bitnami.conf";
Contents of bitnami.conf:
# HTTP server
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
server_name localhost;
return 301 https://$host$request_uri;
location / {
root /opt/bitnami/nginx/html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$query_string;
}
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
# HTTPS server
server {
listen 443 ssl http2;
listen [::]:443 default ipv6only=on;
server_name localhost;
ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
root /opt/bitnami/nginx/html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$query_string;
}
location /todos {
try_files $uri $uri/ /todos/index.php?$query_string;
index index.php index.html index.htm;
root /opt/bitnami/nginx/html/todos/public/;
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME /opt/bitnami/nginx/html/todos/public/index.php;
fastcgi_param QUERY_STRING $query_string;
include fastcgi_params;
}
}
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-vhosts.conf";
Contents of /opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf:
location ~ \.php$ {
root html;
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
Well, I ended up adding the following location blocks and it worked, turns out alias was the trick:
location /todos/css/ {
alias /opt/bitnami/nginx/html/todos/public/css/;
}
location /todos/js/ {
alias /opt/bitnami/nginx/html/todos/public/js/;
}
I am running into an issue when trying to enforce SSL on Wordpress whether it be by changing the site URL to HTTPS or setting force-wpadmin or using the force ssl on shopping cart from WooCommerce. If you type in https:// it works fine but when it's forced from WordPress that page get stuck in an infinite loop.
The site is also behind a Full (Strict) CloudFlare w/ SSL enabled.
The server is running NGINX with PHP-FPM (PHP7) and the latest version of WordPress. I am using NGINX Caching along with OPCache. I have a feeling it may have to do with my nginx.conf file but i'm not sure. Please see below.
user username;
worker_processes 2 ;
pid /var/run/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
worker_rlimit_nofile 4096;
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
types_hash_max_size 2018;
client_max_body_size 124m;
client_body_buffer_size 1m;
client_body_timeout 47;
client_header_timeout 47;
# server_tokens off;
server_names_hash_bucket_size 128;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
reset_timedout_connection on;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 2;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel;
# Nginx Fast Cache Settings
fastcgi_cache_path /dev/shm/nginx-cache levels=1:2 keys_zone=WORDPRESS:1024m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# HTTP Server
server {
listen 80 default_server;
listen 443 ssl;
#listen [::]:80 default_server;
server_name www.siteurl.com;
ssl_certificate /efs/ssl/name.crt;
ssl_certificate_key /efs/ssl/name.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
root /efs/public_html1/;
include /efs/name/nginx.conf;
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
#Set static file browser caching
location ~* \.(css|js)$ {
expires 30d;
log_not_found off;
access_log off;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 60d;
log_not_found off;
access_log off;
}
#Prevent access to hidden files
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
#Cache Settings
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm-7.0.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 60m;
}
location ~ /purge(/.*) {
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
}
add_header X-Cache-Status $upstream_cache_status;
}
}
I seem to be having an issue with my Nginx (version 1.11.9) installation. I have set up a LEMP stack on my Ubuntu 16.04 LTS server, and also have mail services running on it as well. I'm using the following agents :- Postfix and Dovecot. Now the reason for setting up LEMP is to facilitate webmail using Roundcube. I have set up symbolic links within sites-enabled, deleted link to default and added site config file called roundcube. The problem I am having is the default_server document root is not loading any pages from that location, it only seems to be loading pages from the Nginx default location /usr/share/nginx/html
I have specified root to be /usr/share/nginx/roundcube but no pages load from that location. I been going over this a 3 weeks now and I'm just getting frustrated as I cant see the issue. I will list the Nginx config files I have amended.
Any help would be very much appreciated.
P.S I am using Cloudflare DNS
Thanks Rob
nginx.conf :-
user www-data;
worker_processes 2;
pid /run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10 10;
types_hash_max_size 2048;
server_tokens off;
port_in_redirect off;
client_max_body_size 4096k;
client_body_timeout 10;
client_header_timeout 10;
send_timeout 10;
#server_names_hash_bucket_size 64;
#server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_min_length 1100;
gzip_vary on;
gzip_proxied any;
# gzip_comp_level 6;
gzip_buffers 16 8k;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml application/x-font-ttf font/opentype application/ vnd.ms-fontobject;
##
# SSL Settings
##
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
#ssl_prefer_server_ciphers on;
# Sitewide SSL settings
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 4k;
# Sitewide proxy settings
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
Sites-available config file "roundcube" contents :-
server {
listen 80;
server_name example.com;
if ($http_cf_visitor ~ '{"scheme":"http"}') {
return 301 https://example.com$request_uri;
}
}
server {
listen 80;
server_name example.com;
if ($http_cf_visitor ~ '{"scheme":"http"}') {
return 301 https://$host$request_uri;
}
}
# HTTPS server
server {
listen 443 ssl http2 default_server;
server_name example.com;
root /usr/share/nginx/roundcube;
index index.html index.php;
autoindex off;
ssl on;
ssl_certificate /etc/ssl/private/ssl-chain-mail-example.com.pem;
ssl_certificate_key /etc/ssl/private/ssl-key-decrypted-mail-example.com.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES :RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp521r1;
# Client auth via certs
# ssl_client_certificate /etc/ssl/private/example.com.crt;
# ssl_trusted_certificate /etc/ssl/private/example.com.crt;
# ssl_verify_client on;
location / {
# if ($ssl_client_s_dn !~* "user#example.com") {
# return 301 http://www.jurassicsystems.com/;
# }
# error_page 403 #fallback;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(config|bin|SQL|logs|temp)/ {
deny all;
}
location ~ ^/.*\.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php7.1-fpm-sock;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
location #fallback {
return 301 http://www.jurassicsystems.com/;
}
}
I've got a weird routing issue with Laravel 4 and Nginx. I believe this is more than likely an Nginx issue, rather than Laravel.
Any route that exists can be accessed doing:
/index.php/route
Even stranger, anything preceding index.php will also work:
/abcdefg/abcdef/abcde/abcd/abc/ab/a/index.php/route
It doesn't matter how long the route is, as long as any segment that comes after index.php is correctly defined within routes.php.
The first example loads the correct route with CSS/JS etc but the second doesn't, it only loads the HTML.
Has anyone ever come across this and if so how can you stop this from happening, in both instances? Thanks.
UPDATE: OK folks, below is my Nginx config:
# Enable compression both for HTTP/1.0 and HTTP/1.1.
gzip_http_version 1.1;
# Compression level (1-9).
# 5 is a perfect compromise between size and cpu usage, offering about
# 75% reduction for most ascii files (almost identical to level 9).
gzip_comp_level 5;
# Don't compress anything that's already small and unlikely to shrink much
# if at all (the default is 20 bytes, which is bad as that usually leads to
# larger files after gzipping).
gzip_min_length 500;
# Compress data even for clients that are connecting to us via proxies,
# identified by the "Via" header (required for CloudFront).
gzip_proxied any;
# Tell proxies to cache both the gzipped and regular version of a resource
# whenever the client's Accept-Encoding capabilities header varies;
# Avoids the issue where a non-gzip capable client (which is extremely rare
# today) would display gibberish if their proxy gave them the gzipped version.
gzip_vary on;
# Compress all output labeled with one of the following MIME-types.
gzip_types application/atom+xml application/x-javascript text/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/svg+xml image/x-icon text/css text/plain text/x-component;
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://domain.com$request_uri;
}
server {
listen 443 ssl;
server_name domain.com;
root /home/forge/default/public;
if ($host = 'www.domain.com') {
rewrite ^/(.*)$ https://domain.com/$1 permanent;
}
# FORGE SSL (DO NOT REMOVE!)
# ssl on;
ssl_certificate /etc/nginx/ssl/default/4980/server.crt;
ssl_certificate_key /etc/nginx/ssl/default/4980/server.key;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
# auth_basic "Restricted Area";
# auth_basic_user_file /home/forge/default/.htpasswd;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
# error_page 404 https://domain.com/404;
location ~ \.php$ {
try_files $uri $uri/ /index.php?$query_string;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ \.html$ {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ /\.ht {
deny all;
}
# Expire rules for static content
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
# access_log logs/static.log; # I don't usually include a static log
}
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
Try changing your second location block to this:
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
OK folks, looks like I have solved this issue. I initially tried using Route::filter to detect index.php and then perform a redirect but that didn't work, so instead I have used App::before like so:
App::before(function($request)
{
if (strpos($request->url(), 'index.php/'))
{
return Redirect::to(str_replace(['index.php/'], '', $request->url()), 301);
}
if (strpos($request->url(), 'index.php'))
{
return Redirect::to(str_replace(['index.php'], '', $request->url()), 301);
}
});
This fixes both issues and redirects the request to a URI no longer containing index.php. Hope this helps others who may come accross this issue.
So I am setting up my first Linode (sort of new to managing everything myself). However, I have the following problem. The browser downloads the php file instead of executing it and MS Internet Explorer shows the file's content instead of downloading it.
I've read through a lot of content/answers about this problem but nothing seems works so I'd appreciate your help.
Important to note is that the website "crashes" only when I add the following line to the Virtual Host file
location ~* .(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ {
expires 365d;
}
Here are the two files in full
NGINX.CONF
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10s;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
# ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
and the sites-available/default file
server {
listen 80 default_server;
listen [::]:80 default_server;
root /www/bloggingwithdani.com;
index index.html index.php index.htm;
server_name localhost;
# pagespeed On;
# pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
# pagespeed EnableFilters combine_css,combine_javascript;
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js|)$ {
expires 365d;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
your php location block looks wrong to me. here's my location block for php
location ~ \.(php)$ {
try_files $uri = 404;
location ~ \..*/.*\.php$ {return 404;}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_pass 127.0.0.1:9000; #passing directly to the socket
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
also, your static file caching is wrong, and has an erroneous wild card parameter. remove the last | and optionally add some extra configuration options to further optimize delivery of static content.
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js)$ {
expires max;
add_header Vary Accept-Encoding;
access_log off;
}