We Keep Coding

nginx php8.2-fpm not rendering

I am trying to set up an nginx with php8.2-fpm, but all i get is a index.php downloaded.
I search for that problem an found that the problem is the connection between nginx and fpm, but i am not finding where it breaks.
here is my website nginx conf:
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php/php-fpm.sock;
}
server {
listen 80;
listen [::]:80;
server_name website.com;
# enforce https
return 301 https://$server_name:443$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name website.com;
# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# NOTE: some settings below might be redundant
ssl_certificate /etc/letsencrypt/live/website.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/website.com/privkey.pem; # managed by Certbot
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/nextcloud;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /nextcloud/public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /nextcloud/public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}
location /.well-known/acme-challenge { }
location ^~ /nextcloud {
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location /nextcloud {
rewrite ^ /nextcloud/index.php;
}
location ~ ^\/nextcloud\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ~ ^\/nextcloud\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
fastcgi_pass php-handler;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^\/nextcloud\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location ~ ^\/nextcloud\/.+[^\/]\.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /nextcloud/index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended
# to have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read
# into this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location ~ ^\/nextcloud\/.+[^\/]\.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ {
try_files $uri /nextcloud/index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
}
}
The fpm service is running. I even tried fpm version 7.3, 8.1 and 8.2. If i try to change the "upstream handler" to the loopback interface i get the same result. Even the change of the socket path to "/var/run/php/phpversion-fpm.sock" doesn't work. I tried some changes in the location block, and changed the location block regex, but nothing helped.
I would love to solve this, at least for know how to fix this for the next time.
Please stackoverflow you are my last hope.

using php8.x
use:
/run/php/php versão -fpm.sock
"Even the change of the socket path to /var/run/php/phpversion-fpm.sock doesn't work."

why GET parameters not forwarded to php from nginx for specific urls?

I'm having a wired problem with NGINX or PHP (Laravel). I don't know what happened to the server. It was working fine and I know I haven't change any configuration on NGINX or PHP.
Problem: When I'm using php $_GET to access params then for some reasons on some urls, this variable is empty and for some there is value which I want.
1st URL : /news/rapido-news?pid=123
In the above url I'm able to get pid successfully in php.
2nd URL : /news/amazon-aws-services?pid=432
In this url I'm not able to get pid from php and if I add more params then still $_GET is empty for this url .
I'm having this issue on multiple urls and some urls working fine.
here is my NGNIX conf file :
server {
root /home/project/public_html/public;
#if ($bad_referer) {
# return 444;
#} i
if ($http_from != "some_specific_page") {
return 301 https://example.com$request_uri;
}
server_name example.com ;
rewrite ^/((?!blackfridaysale)(?!cybermondaysale)(?!review-competition).*)/$ /$1 permanent;
keepalive_timeout 3;
error_log /var/log/nginx/example.error.log;
access_log /var/log/nginx/example.access.log main buffer=100k flush=5m;
gzip on; gzip_types image/svg+xml text/plain application/x-javascript text/xml text/css application/javascript;
gzip_proxied no-cache no-store private expired auth;
gzip_min_length 1000; gzip_vary on;
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s; open_file_cache_min_uses 5;
open_file_cache_errors off;
proxy_http_version 1.1;
proxy_set_header Connection ""; index index.php index.html index.htm;
add_header Access-Control-Allow-Origin $http_origin;
add_header "Access-Control-Allow-Credentials" "true";
location ~ ^/(rs\/(.+)\/(.*?\.(jpg|png|gif|jpeg|bmp|JPG|PNG|GIF|JPEG|BMP)))\/([0-9]+)\/([0-9]+)$ {
access_log off; log_not_found off;
try_files "/images/rs/$2/$5x$6/$3" 404;
expires 300d; add_header Pragma "public";
add_header Cache-Control "public";
proxy_ignore_headers Set-Cookie;
proxy_hide_header "Set-Cookie";
}
location ~* \.(ico|css|js|woff|woff2|gif|jpeg|jpg|png|ttf|otf|svg|eot|webp)$ {
access_log off; log_not_found off;
rewrite ^(.+)\.(##hash|\d+)\.(svg|js|css|png|jpg|gif)$ $1.$3 last;
proxy_ignore_headers Set-Cookie;
proxy_hide_header "Set-Cookie";
expires 300d;
add_header Pragma "public";
add_header Cache-Control "public";
}
error_page 404 /404.html;
location / {
root /home/project/public_html/public;
try_files $uri /index.php?$query_string;
}
location ~ \.php$ {
root /home/project/public_html/public;
fastcgi_pass 127.0.0.1:9001; # php-fpm;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
add_header 'Access-Control-Allow-Origin' "$http_origin";
add_header 'Access-Control-Allow-Credentials' 'true';
#add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
#add_header X-Robots-Tag none;
#add_header X-Download-Options noopen;
#add_header X-Permitted-Cross-Domain-Policies none;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 256 16k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
proxy_connect_timeout 1200s;
proxy_send_timeout 1200s;
proxy_read_timeout 1200s;
fastcgi_send_timeout 1200s;
fastcgi_read_timeout 1200s;
}
}

PHP can't write despite having permissions

I'm trying to set up prestashop but can't get php to recognize write permissions.
I'm getting the following error
You need to grant write permissions for PHP on the following directory: /usr/share/nginx/presta
output of ls -la
total 75960
drwxr-xr-x 2 http http 4096 Oct 5 23:45 .
drwxrwxrwx 5 root root 4096 Oct 5 20:58 ..
-rw-r--r-- 1 http http 690272 Sep 14 12:00 index.php
-rw-r--r-- 1 http http 441 Jun 15 11:32 Install_PrestaShop.html
-rw-r--r-- 1 http http 77073848 Sep 14 12:00 prestashop.zip
I'm using nginx on arch here's http server config
server {
# Ipv4
listen 82 ssl;
# IPv6
# listen [::]:80;
# SSL Ipv4 & v6
# listen 443 ssl http2;
# listen [::]:443 ssl;
# Your SSL Certificates, don't forget to take a look at Certbot (https://certbot.eff.org)
# ssl_certificate /etc/ssl/fullchain.pem;
# ssl_certificate_key /etc/ssl/privkey.pem;
ssl_certificate /etc/letsencrypt/live/domain.tld/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.tld/privkey.pem; # managed by Certbot
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# ssl_session_timeout 24h;
# ssl_session_cache shared:SSL:10m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:RSA+3DES:AES128-SHA:!ADH:!AECDH:!MD5;
# ssl_prefer_server_ciphers on;
# Do not forget to create this file before with OpenSSL : "openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048"
# ssl_dhparam /etc/nginx/ssl/dhparam.pem;
# [REQUIRED EDIT] Your domain name goes here
server_name domain.tld;
# [REQUIRED EDIT] Absolute path to your website root on the filesystem
root /usr/share/nginx/presta;
index index.php;
# Redirect 404 errors to prestashop
error_page 404 /index.php?controller=404;
# Gzip Settings, convert all types.
gzip on;
gzip_vary on;
gzip_proxied any;
# Can be enhance to 5, but it can slow you server
# gzip_comp_level 5;
# gzip_min_length 256;
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
# HSTS (Force clients to interact with your website using HTTPS only)
# For enhanced security, register your site here: https://hstspreload.org/
# WARNING: Don't use this if your site is not fully on HTTPS!
# add_header Strict-Transport-Security "max-age=63072000; includeSubDomains" preload; always;
# Cloudflare / Max CDN fix
location ~* \.(eot|otf|ttf|woff(?:2)?)$ {
add_header Access-Control-Allow-Origin *;
}
# Force pdf files to be downloaded
location ~* \.pdf$ {
add_header Content-Disposition Attachment;
add_header X-Content-Type-Options nosniff;
}
# Force files in upload directory to be downloaded
location ~ ^/upload/ {
add_header Content-Disposition Attachment;
add_header X-Content-Type-Options nosniff;
}
# Do not save logs for these
location = /favicon.ico {
auth_basic off;
allow all;
log_not_found off;
access_log off;
}
location = /robots.txt {
auth_basic off;
allow all;
log_not_found off;
access_log off;
}
# [REQUIRED EDIT] if you are using multiple languages
# rewrite ^/fr$ /fr/ redirect;
# rewrite ^/fr/(.*) /$1;
# Images
rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;
# AlphaImageLoader for IE and fancybox
rewrite ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 last;
# Web service API
rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
# Installation sandbox
rewrite ^(/install(?:-dev)?/sandbox)/(.*) /$1/test.php last;
# without this line nginx seo url not working.
try_files $uri $uri/ /index.php?$args;
# [REQUIRED EDIT] Change this block to your admin folder
location /admin-dev/ {
if (!-e $request_filename) {
rewrite ^/.*$ /admin-dev/index.php last;
}
}
# File security
# .htaccess .DS_Store .htpasswd etc
location ~ /\. {
deny all;
}
# Source code directories
location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tests-legacy|tools|translations|travis-scripts|vendor|var)/ {
deny all;
}
# vendor in modules directory
location ~ ^/modules/.*/vendor/ {
deny all;
}
# Prevent exposing other sensitive files
location ~ \.(yml|log|tpl|twig|sass)$ {
deny all;
}
# Prevent injection of php files
location /upload {
location ~ \.php$ {
deny all;
}
}
location /img {
location ~ \.php$ {
deny all;
}
}
# PHP FPM part
location ~ \.php$ {
# Verify that the file exists, redirect to index if not
try_files $fastcgi_script_name /index.php$uri&$args =404;
fastcgi_index index.php;
# Environment variables for PHP
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# [REQUIRED EDIT] Connection to PHP-FPM - choose one
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_pass unix:/run/php/php7.3-fpm.sock;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_keep_conn on;
fastcgi_read_timeout 30s;
fastcgi_send_timeout 30s;
# In case of long loading or 502 / 504 errors
# fastcgi_buffer_size 256k;
# fastcgi_buffers 256 16k;
# fastcgi_busy_buffers_size 256k;
client_max_body_size 16M;
}
}
PHP is running under the http user, confirmed that by running a file containing <?php echo `whoami`; ?> from the browser.
A simple php file using fwrite also fails.
And yes I tried changing permissions of all files and dirs to 777/666 to check if maybe somehow php ran under different user but it did nothing.

Why install PrstaShop there?
It is customary to install it in the webserver root which for linux bases servers is either /var/www (/var/www/html) or chrooted user directories.
PHP will have no issue there.

nginx: "rewrite or internal redirection cycle while processing "/index.php""

I inherited an existing nginx+php web server running a magento dev environment, and I'm trying to figure out why it is not working. I am able to get to the main page of the site (http://www6.MYDOMAIN.com/freesample), but any other page (such as http://www6.MYDOMAIN.com/freesample/PRODUCT-XYZ-p-1234.html) results in a "500 Internal Server Error nginx/1.10.1" in the browser, and this in the logs:
2017/02/07 20:43:23 [error] 30207#0: *980 rewrite or internal redirection cycle while processing "/index.php", client: MYIPADDRESS, server: www6.MYDOMAIN.com, request: "GET /freesample/PRODUCT-XYZ-p-1234.html HTTP/1.1", host: "www6.MYDOMAIN.com"
Here is my nginx.conf:
user nginx;
worker_processes 4;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
#brotli_static on;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request "'
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
autoindex off;
map $scheme $fastcgi_https { ## Detect when HTTPS is used
default off;
https on;
}
keepalive_timeout 10;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/magento.conf;
#include /etc/nginx/conf.d/magento.ssl.conf;
}
And here is the magento.conf that it is referencing:
server {
listen 80;
server_name www6.MYDOMAIN.com;
#rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www
}
server {
listen 80 default;
## SSL directives might go here
server_name www6.MYDOMAIN.com; # Domain is here twice so server_name_in_redirect will favour the www
### root /var/www/html/freesample/;
root /var/www/html;
##
# Pagespeed main settings
#pagespeed on;
#pagespeed FileCachePath /var/ngx_pagespeed_cache;
#pagespeed Statistics on;
#pagespeed StatisticsLogging on;
#pagespeed LogDir /var/log/pagespeed;
#pagespeed AdminPath /pagespeed_admin;
#location ~ ^/pagespeed_admin {
# allow 127.0.0.1;
# allow 47.23.129.108;
# deny all;
#}
# Ensure requests for pagespeed optimized resources go to the pagespeed
# handler and no extraneous headers get set.
#location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" { add_header "" ""; }
#location ~ "^/ngx_pagespeed_static/" { }
#location ~ "^/ngx_pagespeed_beacon" { }
## end pagespeed
### SLI
#location ~ ^/search/go(.*)$ {
#rewrite ^/search/go(.*)$ /search$1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/search/(.*)$ {
#rewrite ^/search/(.*)$ /$1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/myspicesage/(.+)$ {
#rewrite ^/myspicesage/(.+)$ /search?_raw_champ_word=$1&champ=1&view=list&sli_jump=1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/ppc/(.+)$ {
#rewrite ^/ppc/(.+)$ /search?w=$1&ppc=1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/popular$ {
#rewrite ^/popular$ /search?p=D break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/popular/(.+)$ {
#rewrite ^/popular/(.+)$ /search?p=D&cletter=$1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
#location ~ ^/nav/(.*)$ {
#rewrite ^/nav/(.*)$ /nav/$1 break;
#proxy_pass http://myspicesage.resultsdemo.com;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}
location / {
index index.html index.php; ## Allow a static html file to be shown first
try_files $uri $uri/ #handler; ## If missing pass the URI to Magento's front handler
expires 30d; ## Assume all files are cachable
}
## These locations would be hidden by .htaccess normally
location ^~ /app/ { deny all; }
location ^~ /includes/ { deny all; }
location ^~ /lib/ { deny all; }
location ^~ /media/downloadable/ { deny all; }
location ^~ /pkginfo/ { deny all; }
location ^~ /report/config.xml { deny all; }
location ^~ /var/ { deny all; }
location /var/export/ { ## Allow admins only to view export folder
auth_basic "Restricted"; ## Message shown in login window
auth_basic_user_file htpasswd; ## See /etc/nginx/htpassword
autoindex on;
}
location /. { ## Disable .htaccess and other hidden files
return 404;
}
location #handler { ## Magento uses a common front handler
rewrite / /index.php;
}
location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
rewrite ^(.*.php)/ $1 last;
}
location ~ .php$ { ## Execute PHP scripts
if (!-e $request_filename) { rewrite / /index.php last; } ## Catch 404s that try_files miss
expires off; ## Do not cache dynamic content
fastcgi_pass unix:/tmp/php-fpm.sock;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param MAGE_RUN_CODE default; ## Store code is defined in administration > Configuration > Manage Stores
fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params; ## See /etc/nginx/fastcgi_params
}
}
Of course you can ignore the commented lines. I only included them to show what I've done to try and isolate what's causing the problem.

Nginx Caching 404

I am using WordPress with Nginx but whenever I try to enable caching of static files they turn to 404 not found.
This is my /etc/nginx/conf.d/default.conf file:
server {
listen 80;
server_name _;
# SSL configuration
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/shivampaw.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/shivampaw.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
location / {
root /home/shivam/sites/shivampaw.com;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /home/shivam/sites/shivampaw.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json applicationx-javascript text/xml application/xml application/xml+rss text/javascript;
include wordpress/wordpress.conf;
And this is the WordPress.conf file:
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
With that, it works fine. But if I add
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
To the end of wordpress.conf and restart nginx and reload my site all the static files come up with 404.
So I have to comment that caching out and it works fine.
Any ideas?
This means that if I include wp-rocket.conf (I use it) it also gives a 404 because wp-rocket.conf has caching stuff in it.
So basically, why can't i cache static files?

It's because you've defined your root in the root location block. So the other location blocks don't know about it. This is bad practice (see here). These location blocks don't know where to look for the files.
You should have the root /home/shivam/sites/shivampaw.com; above your location / { block and then add the try_files $uri $uri/ /index.php?$args to each of your static blocks.
Another way to do it is to keep your config, but add alias /path/to/static/files/; to each block.