My nginx config file like this:
server {
listen 80;
listen 443 ssl;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log main;
root /data/www/;
index index.php index.html index.htm;
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
We need to config the nginx to satisfy following:
1、If url does not has prefix "/api/mobile/index.php",and the request's port is 80, redirect it to https
2、If url has prefix "/api/mobile/index.php",just go on
So I add content in the config file:
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
rewrite /* $server_name$reqeust_uri last;
}
Now the config file content is :
server {
listen 80;
listen 443 ssl;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log main;
root /data/www/;
index index.php index.html index.htm;
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
rewrite /* $server_name$reqeust_uri last;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Than the request match the first location, will not match the other location.
That means these request couldn't go through the php cgi.
Is there anyone who knows how to solve the problem?
Nginx matches only one location. Move config to first location too.
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
There's the option to use two separated server context, and didn't use if statement (read why here: https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/).
The configuration could be:
server {
listen 80;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log;
root /data/www;
index index.php index.html index.htm;
location /api/mobile/index.php {
rewrite ^(.*)$ https://$host$1 redirect;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_param;
}
}
server {
listen 443 ssl http2;
server_name XXX.com;
error_log /log/nginx/xxx.com_ssl_error.log;
access_log /log/nginx/xxx.com_ssl_access.log;
root /data/www;
index index.php index.html index.htm;
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_param;
}
}
Related
Good Morning guys,
i am trying to create an working Nginx Config.
I have two web applications:
/app/web
/app/api
My URL should look like this:
10.X.X.XX => /app/web
10.X.X.XX/api => /app/api
My current config:
server {
listen 80 default_server;
index index.php index.html index.htm;
root /app/web;
location /api {
root /app/api;
}
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M;
}
Any suggestions?
You can host multiple site if you follow below configuration. This is a working code. You can modify it according to your need
server {
# Listing port and host address
# If 443, make sure to include ssl configuration for the same.
listen 80;
listen [::]:80;
server_name 192.168.0.132;
# Default index pages
index index.php;
# Root for / shipment
root /var/www/msdsl/shipment/public;
# Handle main root / shipment
location / {
#deny all;
try_files $uri $uri/ /index.php?$args;
}
# Handle restora project, just replicate this section for further projects app3, app4
# by just replacing restora with appropriate tag(project1,/project2/project 3)
location /restora {
# Root for this project
root /var/www/msdsl/restora/public;
# Rewrite $uri=/restora/xyz back to just $uri=/xyz
rewrite ^/restora/(.*)$ /$1 break;
# Try to send static file at $url or $uri/
# Else try /index.php (which will hit location ~\.php$ below)
try_files $uri $uri/ /index.php?$args;
}
location /tposreport {
# Root for this project
root /var/www/msdsl/tposreport/public;
# Rewrite $uri=/tposreport/xyz back to just $uri=/xyz
rewrite ^/tposreport/(.*)$ /$1 break;
# Try to send static file at $url or $uri/
# Else try /index.php (which will hit location ~\.php$ below)
try_files $uri $uri/ /index.php?$args;
}
# Handle all locations *.php files (which will always be just /index.php)
# via factcgi PHP-FPM unix socket
location ~ \.php$ {
# At this point, $uri is /index.php, $args=any GET ?key=value and $request_uri = /restora/xyz.
# But we don't want to pass /restora/xyz to PHP-FPM, we want just /xyz to pass to fastcgi REQUESTE_URI below.
# This allows laravel to see /restora/xyz as just /xyz in its router.
# So laravel route('/xyz') responds to /restora/xyz as you would expect.
set $newurl $request_uri;
if ($newurl ~ ^/tposreport(.*)$) {
set $newurl $1;
root /var/www/msdsl/tposreport/public;
}
if ($newurl ~ ^/restora(.*)$) {
set $newurl $1;
root /var/www/msdsl/restora/public;
}
# Pass all PHP files to fastcgi php fpm unix socket
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Use php fpm sock which is installed on your machine like php7.2, php5.6
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
# Here we are telling php fpm to use updated route that we've created to properly
# response to laravel routes.
fastcgi_param REQUEST_URI $newurl;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
# Deny .ht* access
location ~ /\.ht {
deny all;
}
}`
Just copy and paste the same config into a new file
Name it the same as the subdomain you want it to run on
Give the path to the folder
Add the new subdomain to the hosts file
Restart nginx
Create 2 more servers in nginx. The first for /api (listen en 8080 for example), the other for /web (on 8081). Your main serveur (on 80/443) is then a proxy on the others :
upstream backend_api{
server 127.0.0.1:8080;
}
upstream backend_web{
server 127.0.0.1:8081;
}
server {
listen 80;
server_name www.example.com example.com;
location /api{
include proxy_params;
proxy_pass http://backend_api;
}
location / {
include proxy_params;
proxy_pass http://backend_web;
}
}
server {
listen 8080 default_server;
index index.php index.html index.htm;
root /app/api;
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M; }
server {
listen 8081 default_server;
index index.php index.html index.htm;
root /app/web;
location ~ [^/]\.php(/|$) {
autoindex on;
autoindex_exact_size on;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
error_log stderr warn;
access_log /dev/stdout main;
client_max_body_size 10M;
}
I am configuring virtual host to serve .localhost domain on my mac. But when I open "project.localhost" in my browser it shows the same page as, browsing the index of localhost. (ps: I've also configured dnsmasq and /etc/hosts). (trying to serve index.php)
Here is my nginx.conf:
worker_processes 1;
events {
worker_connections 1024; }
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 64;
client_max_body_size 50M;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
root html;
location / {
# root html;
index index.php index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
# root html;
}
location ~ \.php$ {
# root html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
include servers/*; }
and here is sites-available:
server {
listen 80;
listen project.localhost:80;
server_name project.localhost;
location / {
root html/project.localhost/public_html;
index index.php index.html index.htm;
try_files $uri $uri/ =404;
}
location ~ \.php$ {
root html/project.localhost/public_html;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
and here is dnsmasq.conf:
address=/.localhost/127.0.0.1
and here is /etc/hosts:
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
127.0.0.1 project.localhost www.project.localhost
but when I browse project.localhost in my browser it shows same page as localhost/index.php. What am I doing wrong?
As #Richard mentioned in the comment section I was able to solve the issue by including sites-available/*.conf: include /usr/local/etc/nginx/sites-available/*.conf, just before include server/* into my nginx.conf. Thank you #Richard
I have some site on Nginx with page and API for it. Location of html page is
var/www/mysite/mysite_rest
and location of api is
var/www/mysite/mysite_rest/api
The next configuration works fine for me:
server {
listen 80;
server_name example.com;
# return 301 https://$host$request_uri;
return 301 https://example.com;
rewrite ^ https://example.com$request_uri? permanent;
client_max_body_size 350M;
}
server {
listen 443 ssl http2;
server_name example.com;
charset UTF-8;
# certs sent to the client in SERVER HELLO are concatenated in
ssl_certificate
ssl_certificate /etc/ssl/example.crt;
ssl_certificate_key /etc/ssl/example.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
keepalive_timeout 70;
ssl_session_tickets off;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers off;
# ssl_stapling on;
ssl_trusted_certificate /etc/ssl/example.crt;
# resolver 8.8.8.8;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
# add_header Strict-Transport-Security max-age=31536000 always;
add_header X-Frame-Options DENY;
# add_header Public-Key-Pins 'pin-sha256="base64+info1="; max-age=31536000'
always;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
##
rewrite ^/(.*)/$ /$1 permanent;
rewrite ^/api/(.*)$ /api/index.php?_url=/$1 last;
rewrite ^/api$ /api/index.php?_url=/ last;
##
location / {
root /var/www/mysite/mysite_rest;
charset utf-8;
index index.php index.html;
}
location /api {
internal;
root /var/www/mysite/mysite_rest/api;
index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass unix:/var/run/php7.1-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_FILENAME /var/www/mysite/mysite_rest/api/index.php;
fastcgi_param SCRIPT_NAME index.php;
fastcgi_param HTTPS on;
# fastcgi_param HTTP_HTTPS on;
fastcgi_param REQUEST_SCHEME https;
fastcgi_param SERVER_PORT 443;
}
}
And now I need to install wordpress alongside my site, I downloaded it and placed in
var/www/mysite/wp
folder, then added to Nginx conf the next line:
location /wp {
internal;
root /var/www/mysite/wp;
index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass unix:/var/run/php7.1-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_FILENAME /var/www/mysite/wp/index.php;
fastcgi_param SCRIPT_NAME index.php;
# fastcgi_param HTTPS on;
fastcgi_param HTTP_HTTPS on;
fastcgi_param REQUEST_SCHEME https;
fastcgi_param SERVER_PORT 443;
}
The result of requesting url: example.com/wp is 404. What I'm doing wrong?
UPD1 When deleting "internal" the request rewrites on https://example.comindex.php/wp-admin/install.php
UPD2 Add the next lines for wordpressp location instead of previous:
location ^~ /wp {
root /var/www/mysite/mysite_rest;
index index.php index.html index.htm;
try_files $uri $uri/ /wp/index.php;
location ~ \.php {
fastcgi_split_path_info ^(.*\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_pass 127.0.0.1:9000;
}
This allowed me to run install, but than when I'm requesting example.com/wp it causes ERR_TOO_MANY_REDIRECTS . I can access /wp-login.php by manually request.
You have used the internal directive which prevents external access to the location. The root directive is wrong and you have no way to load WordPress static files.
You could try something like this:
location ^~ /wp {
root /var/www/mysite;
index index.php;
try_files $uri $uri/ /wp/index.php;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
Don't forget to configure WordPress with the correct URL. See this document for details.
I would like to nest several dedicated routes within a site to specific directories which might not have the same name. I can't figure out how to do a rewrite of the path it uses for the try_files.
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/default;
index index.html;
server_name _;
if ($bad_referer) {
return 444;
}
location / {
try_files $uri $uri/ =404;
}
location /postfixadmin/ {
access_log /var/log/nginx/postfixadmin/access.log;
error_log /var/log/nginx/postfixadmin/error.log;
root /var/www/postfixadmin/;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php;
location ~ \.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~* \.(css|js|gif|jpe?g|png|woff|woff2|ttf|eot|svg|ico)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
}
location /email/ {
#access_log /var/log/nginx/roundcube/access.log;
#error_log /var/log/nginx/roundcube/error.log;
root /var/www/roundcube/;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php;
location ~ \.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~* \.(css|js|gif|jpe?g|png|woff|woff2|ttf|eot|svg|ico)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
}
}
When I navigate to www.site.com/email, I receive a 404, and I'm assuming that is because it's looking for /var/www/roundcube/email/index.php, which doesn't exist. What do I need to do to rewrite the file path before the try_files?
I figured out the solution, and it turns out to be fairly simple. Using alias, rather than root uses only the section of the string after the portion matching the location, so I was looking in the right directory. The other problem was that PHP wasn't being passed the correct script name so it was still looking in the wrong place. Solution was to pass in fastcgi_param SCRIPT_FILENAME $request_filename;. I was also able to get rid of the try_files section, though I'm not 100% certain why.
Here is the working solutions:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/default;
index index.html;
server_name _;
if ($bad_referer) {
return 444;
}
try_files $uri $uri/ =404;
location /postfixadmin {
alias /var/www/postfixadmin/;
index index.php index.html index.htm;
location ~ /postfixadmin/.+\.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~* \.(css|js|gif|jpe?g|png|woff|woff2|ttf|eot|svg|ico)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
}
location /email {
alias /var/www/roundcube/;
index index.php index.html index.htm;
location ~ /email/.+\.php$ {
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
}
location ~* \.(css|js|gif|jpe?g|png|woff|woff2|ttf|eot|svg|ico)$ {
expires 168h;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
}
}
I want to use Baikal on my server together with NGINX. The index.php of baikal is in /baikal/html
The request for the following configuration works with this url:
https://www.mydomain.com:8001/baikal/html
How can I change the NGINX configuration that
https://www.mydomain.com:8001/baikal
gets redirected to https://www.mydomain.com:8001/baikal/html?
Here is my NGINX configuration:
server {
listen 8001;
ssl on; # <-------------------------------------------- SSL
ssl_certificate /etc/nginx/ssl/seahub.crt; # <--------- SSL
ssl_certificate_key /etc/nginx/ssl/seahub.key; # <----- SSL
server_name confile.no-ip.biz; #.tld; # <----------------- CHANGE THIS
root /usr/share/nginx/www;
index index.html index.htm index.php;
rewrite ^/.well-known/caldav /cal.php redirect;
rewrite ^/.well-known/carddav /card.php redirect;
location / {
location ~ ^(.+\.php)(.*) {
try_files $fastcgi_script_name =404;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
include fastcgi_params;
}
charset utf-8;
location ~ /(\.ht|Core|Specific) {
deny all;
return 404;
}
}
}
First of all, you should not have a location inside of another location. Make sure they're all seperate.
Next, to actually create the rewrite:
location = /baikal {
return 301 /baikal/html
}
should do the trick.