I have some site on Nginx with page and API for it. Location of html page is
var/www/mysite/mysite_rest
and location of api is
var/www/mysite/mysite_rest/api
The next configuration works fine for me:
server {
listen 80;
server_name example.com;
# return 301 https://$host$request_uri;
return 301 https://example.com;
rewrite ^ https://example.com$request_uri? permanent;
client_max_body_size 350M;
}
server {
listen 443 ssl http2;
server_name example.com;
charset UTF-8;
# certs sent to the client in SERVER HELLO are concatenated in
ssl_certificate
ssl_certificate /etc/ssl/example.crt;
ssl_certificate_key /etc/ssl/example.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
keepalive_timeout 70;
ssl_session_tickets off;
ssl_dhparam /etc/ssl/dhparam.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers off;
# ssl_stapling on;
ssl_trusted_certificate /etc/ssl/example.crt;
# resolver 8.8.8.8;
# HSTS (ngx_http_headers_module is required) (63072000 seconds)
add_header Strict-Transport-Security "max-age=63072000" always;
# add_header Strict-Transport-Security max-age=31536000 always;
add_header X-Frame-Options DENY;
# add_header Public-Key-Pins 'pin-sha256="base64+info1="; max-age=31536000'
always;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
##
rewrite ^/(.*)/$ /$1 permanent;
rewrite ^/api/(.*)$ /api/index.php?_url=/$1 last;
rewrite ^/api$ /api/index.php?_url=/ last;
##
location / {
root /var/www/mysite/mysite_rest;
charset utf-8;
index index.php index.html;
}
location /api {
internal;
root /var/www/mysite/mysite_rest/api;
index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass unix:/var/run/php7.1-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_FILENAME /var/www/mysite/mysite_rest/api/index.php;
fastcgi_param SCRIPT_NAME index.php;
fastcgi_param HTTPS on;
# fastcgi_param HTTP_HTTPS on;
fastcgi_param REQUEST_SCHEME https;
fastcgi_param SERVER_PORT 443;
}
}
And now I need to install wordpress alongside my site, I downloaded it and placed in
var/www/mysite/wp
folder, then added to Nginx conf the next line:
location /wp {
internal;
root /var/www/mysite/wp;
index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass unix:/var/run/php7.1-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
# fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_FILENAME /var/www/mysite/wp/index.php;
fastcgi_param SCRIPT_NAME index.php;
# fastcgi_param HTTPS on;
fastcgi_param HTTP_HTTPS on;
fastcgi_param REQUEST_SCHEME https;
fastcgi_param SERVER_PORT 443;
}
The result of requesting url: example.com/wp is 404. What I'm doing wrong?
UPD1 When deleting "internal" the request rewrites on https://example.comindex.php/wp-admin/install.php
UPD2 Add the next lines for wordpressp location instead of previous:
location ^~ /wp {
root /var/www/mysite/mysite_rest;
index index.php index.html index.htm;
try_files $uri $uri/ /wp/index.php;
location ~ \.php {
fastcgi_split_path_info ^(.*\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_pass 127.0.0.1:9000;
}
This allowed me to run install, but than when I'm requesting example.com/wp it causes ERR_TOO_MANY_REDIRECTS . I can access /wp-login.php by manually request.
You have used the internal directive which prevents external access to the location. The root directive is wrong and you have no way to load WordPress static files.
You could try something like this:
location ^~ /wp {
root /var/www/mysite;
index index.php;
try_files $uri $uri/ /wp/index.php;
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
Don't forget to configure WordPress with the correct URL. See this document for details.
Related
My nginx config file like this:
server {
listen 80;
listen 443 ssl;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log main;
root /data/www/;
index index.php index.html index.htm;
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
We need to config the nginx to satisfy following:
1、If url does not has prefix "/api/mobile/index.php",and the request's port is 80, redirect it to https
2、If url has prefix "/api/mobile/index.php",just go on
So I add content in the config file:
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
rewrite /* $server_name$reqeust_uri last;
}
Now the config file content is :
server {
listen 80;
listen 443 ssl;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log main;
root /data/www/;
index index.php index.html index.htm;
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
rewrite /* $server_name$reqeust_uri last;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Than the request match the first location, will not match the other location.
That means these request couldn't go through the php cgi.
Is there anyone who knows how to solve the problem?
Nginx matches only one location. Move config to first location too.
location ~ ^(?!/api/mobile/index\.php).*$ {
if ($server_port = "80") {
return 301 https://$server_name$request_uri;
}
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
There's the option to use two separated server context, and didn't use if statement (read why here: https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/).
The configuration could be:
server {
listen 80;
server_name XXX.com;
error_log /log/nginx/xxx.com_error.log;
access_log /log/nginx/xxx.com_access.log;
root /data/www;
index index.php index.html index.htm;
location /api/mobile/index.php {
rewrite ^(.*)$ https://$host$1 redirect;
}
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_param;
}
}
server {
listen 443 ssl http2;
server_name XXX.com;
error_log /log/nginx/xxx.com_ssl_error.log;
access_log /log/nginx/xxx.com_ssl_access.log;
root /data/www;
index index.php index.html index.htm;
location ~ \.php$ {
add_header X-Frame-Options SAMEORIGIN;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_param;
}
}
I have 2 apps on the same domain. For example aaa.com.my will open a Laravel app but now I have another app that use normal PHP.
I want to make it use the same domain aaa.com.my but with /normal-php-app.
If I type aaa.com.my/normal-php-app it will go to Laravel 404 error page. I'm using nginx.
I have try using this solution: How to configure NGINX for codeigniter and laravel on same domain
Now I get 500 Internal Server Error
nginx/1.15.8
Here is my configuration :
(rightnow, if I use aaaa.com.my/normal-php it goes to index.php if normal-php, but if i change address to aaaa.com.my/normal-php/bbbbbbb , it keep goes to the index.php)
server {
#listen 80;
#listen [::]:80 ipv6only=on;
listen 443 default ssl;
# Insert ssl certificate
#ssl on;
ssl_certificate ******************
ssl_certificate_key ***************
server_name aaaa.com.my;
# Log files for Debugging
access_log /var/log/nginx/laravel-access.log;
error_log /var/log/nginx/laravel-error.log;
# Webroot Directory for Laravel project
root /var/www/html/aaaa/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
#NORMAL PHP bbbb
location /bbbb {
index index.php index.html index.htm;
root /var/www/html;
try_files $uri $uri/ /bbbb/index.php?$args;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
}
# PHP-FPM Configuration Nginx
#location ~ \.php$ {
# try_files $uri =404;
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi_params;
#}
# Add X-FRAME-OPTIONS header
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";}
I'm use symfony develop my API for an existing site.
but i can't configure my symfony app like
www.domain.com/sfapi/xxx
www.domain.com/sfapi/xxxxx
here my nginx vhost configure
/usr/local/nginx/conf/sfapi.conf for symfony app configure.
location #rewriteapp {
if (-f $request_filename) {
break;
}
rewrite ^/(.*)$ /sfapi/app.php/$1 last;
}
location ^~ /sfapi/ {
alias /home/wwwroot/www.domain.com/wuye/chengshi/web;
#root /home/wwwroot/www.domain.com/wuye/chengshi/web;
index app.php;
set $root "/home/wwwroot/www.domain.com/wuye/chengshi/web";
# try to serve file directly, fallback to app.php
try_files $uri #rewriteapp;
}
# PROD
location ~ ^/app\.php(/|$) {
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
main vhost conf
server {
listen 80;
listen [::]:80;
server_name chengshi.91zhangyu.com;
rewrite ^(.*) https://$server_name$1 permanent;
}
server{
listen 443;
#listen 80;
listen [::]:443;
server_name www.domain.com;
index index.html index.htm app.php index.php default.html default.htm default.php;
ssl on;
ssl_certificate /home/certificate/www.domain.com.crt;
ssl_certificate_key /home/certificate/www.domain.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
root /home/wwwroot/www.domain.com/chengshi/chengshi;
include chengshi.wuye.conf;
include destoon.conf;
#error_page 404 /404.html;
location ~ [^/]\.php(/|$)
{
# comment try_files $uri =404; to enable pathinfo
#try_files $uri =404;
fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
include pathinfo.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
access_log /home/wwwlogs/www.domain.com access;
}
destoon.conf
rewrite ^/(.*)\.(asp|aspx|asa|asax|dll|jsp|cgi|fcgi|pl)(.*)$ /404.php last;
rewrite ^/(.*)/file/(.*)\.php(.*)$ /404.php last;
rewrite ^/(.*)-htm-(.*)$ /$1.php?$2 last;
rewrite ^/(.*)/show-([0-9]+)([\-])?([0-9]+)?\.html$ /$1/show.php?itemid=$2&page=$4 last;
rewrite ^/(.*)/list-([0-9]+)([\-])?([0-9]+)?\.html$ /$1/list.php?catid=$2&page=$4 last;
rewrite ^/(.*)/show/([0-9]+)/([0-9]+)?([/])?$ /$1/show.php?itemid=$2&page=$3 last;
rewrite ^/(.*)/list/([0-9]+)/([0-9]+)?([/])?(.*)?$ /$1/list.php?catid=$2&page=$3&attr=$5 last;
rewrite ^/(.*)/([A-za-z0-9_\-]+)-c([0-9]+)-([0-9]+)\.html$ /$1/list.php?catid=$3&page=$4 last;
rewrite ^(.*)/([a-z]+)/(.*)\.shtml$ $1/$2/index.php?rewrite=$3 last;
rewrite ^/(com)/([a-z0-9_\-]+)/([a-z]+)/(.*)\.html$ /index.php?homepage=$2&file=$3&rewrite=$4 last;
rewrite ^/(com)/([a-z0-9_\-]+)/([a-z]+)([/])?$ /index.php?homepage=$2&file=$3 last;
rewrite ^/(com)/([a-z0-9_\-]+)([/])?$ /index.php?homepage=$2 last;
fastcgi.conf
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param HTTPS $https if_not_empty;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
pathinfo.conf
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
try_files $fastcgi_script_name =404;
nginx_error.log
2017/10/17 01:08:34 [error] 20371#0: *543 rewrite or internal redirection cycle while redirect to named location "#rewriteapp",
thanks
Your rewrite is causing a loop back to the /sfapi/ location block.
Try removing the #rewriteapp block like this:
location ^~ /sfapi/ {
alias /home/wwwroot/www.domain.com/wuye/chengshi/web;
#root /home/wwwroot/www.domain.com/wuye/chengshi/web;
index app.php;
set $root "/home/wwwroot/www.domain.com/wuye/chengshi/web";
# try to serve file directly, fallback to app.php
try_files $uri /sfapi/app.php/$1 last;
}
My PHP application static files are served all right when running Apache but they are denied access when running Nginx although both http servers use my own user (the one I log in my Linux machine with) as their user.
The issue therefore lies within the Nginx or php-fpm configuration.
Here is some of the nginx.conf content:
user stephane;
worker_processes 1;
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
upstream php5-fpm-sock {
server unix:/home/stephane/programs/install/php5-fpm.sock;
}
server {
listen 80;
server_name localhost;
charset utf-8;
location / {
root html;
index index.html index.htm;
}
location ~ \.php$ {
try_files $uri = 404;
fastcgi_index index.php;
fastcgi_pass php5-fpm-sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
}
include conf.d/*.conf;
include sites-enabled/*;
}
Here is the Nginx virtual host configuration:
server {
listen 443;
server_name dev.extrapack.group.com;
root /home/stephane/dev/php/projects/Extrapack-Mon/public;
ssl on;
ssl_certificate /home/stephane/programs/install/nginx/conf/sites-available/extrapack.group.com.crt;
ssl_certificate_key /home/stephane/programs/install/nginx/conf/sites-available/extrapack.group.com.key;
location /simplesaml {
index index.php;
alias /usr/share/simplesaml/www;
location ~ ^/simplesaml/(module\.php)(/.+)$ {
include fastcgi_params;
fastcgi_pass php5-fpm-sock;
fastcgi_split_path_info ^/simplesaml/(module\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME /usr/share/simplesaml/www/$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php5-fpm-sock;
}
}
location / {
include fastcgi_params;
fastcgi_pass php5-fpm-sock;
fastcgi_split_path_info ^(.+\.php)(.*)$;
try_files $uri /index.php?$args;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS 'on'; # Make PHP-FPM aware that this vhost is HTTPs enabled
fastcgi_param APPLICATION_ENV development;
fastcgi_index index.php;
}
}
And the Apache virtual host configuration (that works fine accessing all the static resources):
<VirtualHost *:443>
ServerName dev.extrapack.group.com
DocumentRoot "/home/stephane/dev/php/projects/Extrapack-Mon/public"
<Directory "/home/stephane/dev/php/projects/Extrapack-Mon/public">
Options Indexes FollowSymLinks Includes
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Replace your location / with these two locations:
location / {
try_files $uri /index.php?$args;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php5-fpm-sock;
fastcgi_param HTTPS 'on'; # Make PHP-FPM aware that this vhost is HTTPs enabled
fastcgi_param APPLICATION_ENV development;
fastcgi_index index.php;
}
The first location handles static files.
The second location handles .php files. Since it is a regexp-location (with ~) it has precedence over the first location if it matches, so .php-files get executed.
I want to use Baikal on my server together with NGINX. The index.php of baikal is in /baikal/html
The request for the following configuration works with this url:
https://www.mydomain.com:8001/baikal/html
How can I change the NGINX configuration that
https://www.mydomain.com:8001/baikal
gets redirected to https://www.mydomain.com:8001/baikal/html?
Here is my NGINX configuration:
server {
listen 8001;
ssl on; # <-------------------------------------------- SSL
ssl_certificate /etc/nginx/ssl/seahub.crt; # <--------- SSL
ssl_certificate_key /etc/nginx/ssl/seahub.key; # <----- SSL
server_name confile.no-ip.biz; #.tld; # <----------------- CHANGE THIS
root /usr/share/nginx/www;
index index.html index.htm index.php;
rewrite ^/.well-known/caldav /cal.php redirect;
rewrite ^/.well-known/carddav /card.php redirect;
location / {
location ~ ^(.+\.php)(.*) {
try_files $fastcgi_script_name =404;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_index index.php;
include fastcgi_params;
}
charset utf-8;
location ~ /(\.ht|Core|Specific) {
deny all;
return 404;
}
}
}
First of all, you should not have a location inside of another location. Make sure they're all seperate.
Next, to actually create the rewrite:
location = /baikal {
return 301 /baikal/html
}
should do the trick.