Hello I am trying to serve a php web application using Nginx PHP-FPM using a tcp socket on a remote host and a lighttd to serve static content on a remote server.
I succeed to link those three blocks but I have an issue to manage the interactions.
Here my Nginx proxy configuration
upstream xxxx-staging {
server xxxxx.com:81 fail_timeout=0;
}
server {
listen 80;
server_name xxxxxxx.com;
return 301 https://xxxxx.com$request_uri;
}
server {
listen 443 ssl;
server_name xxxxxx.com;
root /xxxxxx/public;
ssl_certificate /etc/nginx/ssl/xxx.com.pem;
ssl_certificate_key /etc/nginx/ssl/xxx.com.key;
access_log /var/log/nginx/xxx.access.log;
error_log /var/log/nginx/xxx.error.log error;
client_max_body_size 256m;
proxy_intercept_errors on;
error_page 404 = /index.php;
error_page 405 = 200$uri;
location = / {index index.php;}
location / {
proxy_pass http://xxxxx-staging;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Please authenticate";
auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;
}
location ~ ^/index\.php$(/|$) {
fastcgi_pass xxxxx.com:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
}
When I removed error_page 405 = 200$uri; symfony is returning me a method post not allowed and when I put it nginx is returning me a 405.
I clearly missunderstand how the communication are established but don't know where I am wrong.
You are using auth_basic and auth_basic_user_file in the location / block. Am I right that you don't get a prompt to enter a password when you navigate to the side and get instead directly the 405 error?
I interpret the error to mean that an authentication is expected but doesn't happen. I would suggest to move auth_basic and auth_basic_user_file up one level in the server block. That way everything is covered and not only the one location block and you should get the password prompt.
upstream xxxx-staging {
server xxxxx.com:81 fail_timeout=0;
}
server {
listen 80;
server_name xxxxxxx.com;
return 301 https://xxxxx.com$request_uri;
}
server {
listen 443 ssl;
server_name xxxxxx.com;
root /xxxxxx/public;
auth_basic "Please authenticate";
auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;
ssl_certificate /etc/nginx/ssl/xxx.com.pem;
ssl_certificate_key /etc/nginx/ssl/xxx.com.key;
access_log /var/log/nginx/xxx.access.log;
error_log /var/log/nginx/xxx.error.log error;
client_max_body_size 256m;
proxy_intercept_errors on;
error_page 404 = /index.php;
error_page 405 = 200$uri;
location = / {index index.php;}
location / {
proxy_pass http://xxxxx-staging;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ ^/index\.php$(/|$) {
fastcgi_pass xxxxx.com:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
}
I hope that helps you.
Related
When I go to an address belonging to the .php extension, it gives an error and does not open the relevant file.
For example:
When I open the https://www.example.com/test.php file, it gives 404 error.
But
When I open the https://www.example.com/test.txt file it opens successfully.
Note:I am using Load Balance.
NGINX site configuration settings:
proxy_cache_path /tmp/cacheapi/examplecomm levels=1:2 keys_zone=examplecomm_microcacheapi:100m max_size=1g inactive=1d use_temp_path=off;
server {
proxy_cache examplecomm_microcacheapi;
proxy_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_valid 200 302 30s;
if ($host = example.com) {
return 301 https://www.$host$request_uri;
}
root /var/www/xxx/public_html/www/eshop;
include snippets/php8.conf;
access_log /var/www/xxx/public_html/www/logs/examplecomm.acces.log;
error_log /var/www/xxx/public_html/www/logs/examplecomm.error.log;
error_page 404 /404;
error_page 301 /;
location ~* \.(css|js|pdf|zip|rar|txt|webp)$ {
expires 1h;
}
# Add index.php to the list if you are using PHP
index index.html index.htm index.php;
server_name example.com www.example.com;
location / {
rewrite ^/([a-z,_,A-Z,0-9,\/,-]+)/$ /index.php?page=$1&$query_string;
rewrite ^/([a-z,_,A-Z,0-9,\/,-]+)$ /index.php?page=$1&$query_string;
}
listen [::]:80;
listen 80;
}
snippets/php8.conf:
location ~ \.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_cache_valid 3s;
proxy_no_cache $cookie_PHPSESSID;
proxy_cache_bypass $cookie_PHPSESSID;
proxy_cache_key "$scheme$host$request_uri";
add_header X-Cache $upstream_cache_status;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
include fastcgi_params;
}
Could you help me?
Everyone.
Yesterday i did good of my experiment with nginx, but suddenly my nginx was suddenly error (can't reboot or stop or start) and i had to reinstall it.
But i forgot the code.
So the .conf would help you process to the other web. for Example :
My IP Server : 192.302.xx.xxx
I set listen port to : 3000
I only type 192.302.xx.xxx:3000 and then my ip would show up the proxy pass for example watching youtube, it would become like this 92.302.xx.xxx:3000/v=watch?4hnb32yh even it linked when i press the button in my ip, even the blocked site from my local gov. all i need is only change the proxy pass. For example : Adult Videos Site, etc (Except site that reverse proxy like cloudflare one)
And today i want to recreate that one but it fails, these are my code
upstream backend_mirrors {
server anotherwebsite1.id;
server anotherwebsite2.com;
}
server {
listen 3000;
listen [::]:3000;
server_name 192.302.xx.xxx;
return 301 https://website_that_i_want_togo/$request_uri$is_args$args;
}
server {
listen 433 ssl;
listen [::]:433 ssl;
server_name 192.302.xx.xxx;
ssl_certificate "/etc/letsencrypt/live/myservername/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/myservername/privkey.pem";
#include /etc/letsencrypt/option-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
ssl_session_timeout 1d;
ssl_session_tickets off;
location / {
resolver 8.8.8.8;
mirror /mirror;
mirror_request_body on;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass https://website_that_i_want_togo/;
}
location /mirror {
internal;
proxy_pass https://givesometraffictootherwebsites/;
proxy_set_header X-SERVER-PORT $server_port;
proxy_set_header X-SERVER-ADDR $server_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-REAL-IP $remote_addr;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
What i want to :
192.138.xx.xxx:3000 but i can open some other website like blocked websites from domain sites.
But the ip address still with it when i change to other page
192.138.xx.xxx:3000/search but it still full function like the website that i put in proxy_pass
But what my code do :
It's auto redirect to proxy_pass sites even the header changed
I am trying to create a php inside my docker container
However, when I go to the localhost on my browser, I keep getting the 502 bad gateway.
The error log shows
[error] 11#0: *1 connect() failed (111: Connection refused) while connecting to upstream, client: (my IP), server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "localhost"
My nginx conf looks like this
server {
listen 80;
server_name jenkins.local;
root /var/www/html;
index index.php;
access_log /var/log/nginx/localhost-access.log;
error_log /var/log/nginx/localhost-error.log;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_intercept_errors on;
}
}
I am new to docker and PHP so please let me know if I need to provide any other information.
Did you start php-fpm?
Is port 9000 open?
Brief edition
upstream websocketserver {
server localhost:8080;
}
server {
listen 80;
server_name jenkins.local; //Or try localhost;
root /var/www/html;
index index.php;
access_log /var/log/nginx/localhost-access.log;
error_log /var/log/nginx/localhost-error.log;
location / {
proxy_pass http://websocketserver;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_read_timeout 86400; # neccessary to avoid websocket timeout disconnect
proxy_send_timeout 900s;
proxy_redirect off;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock; //Check if your php is 7.4, run php -v
}
}
I try to run node js and php on the same domain with nginx. However the location for php ("/ajax") does not work. I always get the message "File not found.". The nginx logs print
The URL is http://localhost:8085/ajax so far, the scripts are located at /var/www/public
The folder /ajax does NOT exist (none of the paths do, as everthing shall be redirected to /var/www/public/index.php)
nginx | 2017/08/27 20:47:48 [error] 6#6: *6 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.23.0.1, server: localhost, request: "GET /ajax HTTP/1.1", upstream: "fastcgi://172.23.0.4:9000", host: "localhost:8085"
nginx | 172.23.0.1 - - [27/Aug/2017:20:47:48 +0000] "GET /ajax HTTP/1.1" 404 27 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" "-"
This is my configuration, what do I have to change?
upstream react {
server react:3000;
keepalive 8;
}
server {
listen 0.0.0.0:80;
server_name localhost;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://react;
proxy_redirect off;
}
location /ajax {
index index.php index.html;
root /var/www/public;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
client_max_body_size 5m;
}
I tried
fastcgi_param SCRIPT_FILENAME /var/www/public$fastcgi_script_name;
as suggested in some threads, but that does not work
So I have trying to work on your Issue for last 3 days, to get a better and deeper understanding of FASTCGI. I put a logger between and NGINX and FPM, and that helped me better understand the interactions. Below is the config that I believe should work for you
Edit-1
Updated config after resolving issue on chat
upstream react {
server react:3000;
keepalive 8;
}
map $fastcgi_script_name $fastcgi_script_name_fcgi {
"~*/ajax/(?P<rest_url>.*)$" /$rest_url;
default $fastcgi_script_name;
}
map $request_uri $request_uri_fcgi {
"~*/ajax/(?P<rest_url>.*)$" /$rest_url;
default $request_uri;
}
map $document_uri $document_uri_fcgi {
"~*/ajax/(?P<rest_url>.*)$" /$rest_url;
default $document_uri_fcgi;
}
server {
listen 0.0.0.0:80;
server_name localhost;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://react;
proxy_redirect off;
}
location /ajax {
alias /var/www/public;
try_files $uri #php;
}
location #php {
fastcgi_split_path_info ^/ajax/(.+\.php)(/.+)$;
fastcgi_pass fpm:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param REQUEST_URI $request_uri_fcgi;
fastcgi_param DOCUMENT_URI $document_uri_fcgi;
fastcgi_param SCRIPT_FILENAME /var/www/public/index.php;
}
client_max_body_size 5m;
}
So the basic idea is to replace /ajax from document_root using the alias directive. Then to override the request_uri and other parameters so the correct urls reach the PHP code for route resolution.
Below is part of what my php script receives when I call http://vm/ajax/router.php?x=2
{
"COOKIES": null,
"GET": {
"x": "2"
},
"POST": [],
"REQUEST": {
"x": "2"
},
"HEADERS": null,
"SERVER": {
"HOME": "/var/www",
"SCRIPT_FILENAME": "/var/www/html/router.php",
"DOCUMENT_ROOT": "/var/www/html",
"DOCUMENT_URI": "/router.php",
"REQUEST_URI": "/router.php?x=2",
"SCRIPT_NAME": "/router.php",
"CONTENT_LENGTH": "",
"CONTENT_TYPE": "",
"REQUEST_METHOD": "GET",
"QUERY_STRING": "x=2",
"FCGI_ROLE": "RESPONDER",
"PHP_SELF": "/router.php",
"argv": [
"x=2"
],
"argc": 1
}
}
As you can see nothing gets /ajax
The current configuration works for me, however /ajax is passed to php-fpm. I was not able to get rid of the /ajax prefix in all variables like REQUEST_URI
upstream react {
server react:3000;
keepalive 8;
}
server {
listen 0.0.0.0:80;
server_name localhost;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://react;
proxy_redirect off;
}
location /ajax {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/public$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
client_max_body_size 5m;
}
I want Nginx to serve both my jenkins server and my Laravel (php) application. Here is my Nginx configuration:
server {
listen 80 default_server;
server_name localhost;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Fix the "It appears that your reverse proxy set up is broken" error.
proxy_pass http://127.0.0.1:8081;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:8081 https://jenkins.domain.tld;
}
}
server {
listen 9000;
listen [::]:9000;
root /var/www/my-app/public;
index index.php index.html index.htm;
server_name my-app.io;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
I am using virtual-box as my virtual machine emulator for ubuntu 14. I am able to access jenkins application by going to http://127.0.0.1:8081 (I have changed the jenkins default port).
But when I am trying to access http://127.0.0.1:9000 I am getting an error, I have checked Ngnix logs but couldn't find any information regarding a request to port 9000.
Also I have made port forwarding in virtual-box, here is a screenshot:
Any help would be great.
Use server_name localhost too for php.