Trying to add a no index header to a specific path (/path) but it doesn't show up. When I add it in with the other add_header lines, it shows just fine but not when put into location /path {} or even location / {}. I've read a bunch of answers on the forum and haven't been able to figure out the issue. Anyone know or see what I'm doing wrong? Nginx version is 1.13.3
Here's my nginx file:
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name mydomain.com;
root /home/forge/mydomain.com/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "origin";
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /path {
add_header X-Robots-Tag "noindex" always;
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Related
When I install it on the server - it doesn't work, i got blank screen with background and this.app is undefined error in console on server/nova/login page.
nginx config:
server {
listen 80;
listen [::]:80;
server_name wtw.test.loc;
root /home/test/sites/wtw/www/public;
access_log /home/test/sites/wtw/logs/access.log combined;
error_log /home/test/sites/wtw/logs/error.log warn;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ /\.(?!well-known).* {
deny all;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php8.1-wtw.test.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
listen 80;
server_name avadore.my.id;
root /var/www/avadore.my.id/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Basically this is the conf file and I tried many solutions from the internet and didnt find a solution but basically i changed the try_files $uri $uri/ /index.php?$query_string; to try_files $uri $uri/ /index.php?$is_args$args; and to 404 but still didnt work. Appreciate any help
I found the problem is that my laravel version was 9 but i think it is only compatible with php version 8 but mines was version 7 so upgarding the php solves the problem thank you
I have a Laravel project. It works on Mac os with nginx.
I recentlly installed a CentOs 8. I installed Nginx on it and add the configuration bellow:
server {
listen 8001;
server_name _;
root /usr/share/nginx/html/reservation_laravel/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
All routes inside web.php work fine but API routes not working!
Same configuration is working on an Ubuntu server!
When you write on api.php add api on your url like
'/get-list'
then you call it
/api/get-list
I'm not sure whether you have a rewrite issue. Take a look at Laravel's installation documentation. There's a section about rewrite configuration that might give you some insight:
https://laravel.com/docs/6.x/installation#pretty-urls
My application includes a vue only frontend with api written in laravel. The way I want to set it up like this:
http://myapp.local --> Points to the vue frontend.
http://myapp.local/api --> Points to the laravel application api routes.
This is my nginx config:
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Hitting http://myapp.local/api opens the root laravel route. But if I open any other route in my application I get an 500 Internal Server
Error.
This is the error in nginx's error log:
2019/09/09 15:58:18 [error] 20954#20954: *10 rewrite or internal redirection cycle while redirect to named location "#api", client:
127.0.0.1, server: myapp.local, request: "GET /api/admin/features HTTP/1.1", host: "myapp.local"
Update
I have managed to make it work somehow, this is what the updated config looks like
server {
listen 80;
server_name *.myapp.local;
root /var/www/myapp-api/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.php;
charset utf-8;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location / {
root /var/www/myapp-frontend/dist;
try_files $uri $uri/ /index.html = 404;
}
location /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite ^/api/(.*)$ /api/index.php?/$1 last; # THIS IS THE IMPORTANT LINE
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
#error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
I have one small problem though, everytime I access the api routes I need to write /api twice in order to get the correct address. For example like this http://myapp.local/api/api/login. /api/login is the actual route, and http://myapp.local/api/ points to the laravel application, so needing to write /api twice makes sense. But would it be anyhow possible to just use http://myapp.local/api/login to access /api/login route?
Add the location / for the vue.js interpreter
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Used the port 3000 as example in here. Set it to your node listening port.
I am using magento2 and fishpig WordPress integration extension and using Nginx Server. Wordpress directory is on magento root with name "wp".
Magento is working fine and display the blog content but when accessing the WordPress admin URL or frontend it shows 404 error page not found.
After research, I found that we have to do the setting in Nginx config file (/etc/Nginx/sites-available) and setup the location of wp directory.
Below are the code which i have tried to add in Nginx Config file
location /wp {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/index.php?$args;
}
location /wp {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
location /wp/wp-admin/ {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/wp-admin/index.php?$args;
}
Below are some URL which I have gone through -:
Nginx configuration for a wordpress blog in a subfolder of magento root
https://codex.wordpress.org/Nginx
https://www.getpagespeed.com/web-apps/magento-wordpress-integration-nginx
Below is my Nginx file.
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name magento.online.com;
set $MAGE_ROOT /var/www/html/prod;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
##raj
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php?$args;
}
#wordpress Code
# location /wordpress/ {
# try_files $uri $uri/ /wordpress/index.php?$args;
# }
location /wp/wp-admin/ {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/wp-admin/index.php?$args;
}
# location /wp/wp-admin/ {
# index index.php index.html index.htm;
# try_files $uri $uri/ /index.php?$args;
# }
#End of code
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php?$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php?$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php?$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
# PHP entry point for main application
location ~ (index|get|static|report|404|503)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=768M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.htaccess$|\.git) {
deny all;
}
}
#
## Optional override of deployment mode. We recommend you use the
## command 'bin/magento deploy:mode:set' to switch modes instead.
##
## set $MAGE_MODE default; # or production or developer
##
## If you set MAGE_MODE in server config, you must pass the variable into the
## PHP entry point blocks, which are indicated below. You can pass
## it in using:
##
## fastcgi_param MAGE_MODE $MAGE_MODE;
##
## In production mode, you should uncomment the 'expires' directive in the /static/ location block
Any help will be really appriciated.
When integrating WordPress into Magento, you don't need to do anything special with the rewrites that you wouldn't do as normal to get WordPress working on Nginx.
You might not even need the rewrites at all. The rewrites exist to route all frontend requests through index.php to provide pretty SEO URLs. This functionality of WordPress isn't being used as the frontend is being displayed by Magento, therefore the rewrites may not be needed. All requests to the WordPress Admin are to files that exist and therefore rewrites shouldn't be needed.