I am trying to migrate my website from LAMP to NGINX FastCGI on Linux on AWS and I am having problems trying to parse PHP in some legacy .htm files on my site.
I have tried the solutions listed here:
HTML files as PHP in Nginx
php code inside html files not executed
NGINX execute embedded PHP in HTML file
Specifically, I am using:
location ~ \.(php|html|htm)$ {
and
security.limit_extensions = .php .htm .html
in my /etc/nginx/sites-available/mybrokensite.com and /etc/php-fpm.d/www.conf files.
When I open the .htm files in my browser, I just get a blank page. When I view source, I see the entire raw php and html in the file. If I rename the file with a .php extension it interprets the php and I get the formatted html file that I expect in my browser.
I used the following steps to setup my NGINX FastCGI Wordpress server:
https://gist.github.com/ericandrewlewis/95239573dc97c0e86714
Here is my config:
# Define the microcache path.
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=microcache:100m inactive=60m;
# Redirect http traffic to https
server {
listen [::]:80;
listen 80;
server_name www.mybrokensite.com mybrokensite.com;
return 301 https://mybrokensite.com$request_uri;
}
# Redirect www https traffic to non-www https
server {
listen 443 ssl;
ssl_certificate_key /etc/sslmate/mybrokensite.com.key;
ssl_certificate /etc/sslmate/mybrokensite.com.chained.crt;
server_name www.mybrokensite.com;
return 301 https://mybrokensite.com$request_uri;
}
server {
listen 443 ssl;
server_name mybrokensite.com;
# Include defaults for allowed SSL/TLS protocols and handshake caches.
include h5bp/directive-only/ssl.conf;
# config to enable HSTS(HTTP Strict Transport Security) https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security
# to avoid ssl stripping https://en.wikipedia.org/wiki/SSL_stripping#SSL_stripping
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
ssl_certificate_key /etc/sslmate/mybrokensite.com.key;
ssl_certificate /etc/sslmate/mybrokensite.com.chained.crt;
# Path for static files
root /sites/mybrokensite.com/public;
#Specify a charset
charset utf-8;
# Include the basic h5bp config set
include h5bp/basic.conf;
location / {
index index.php;
try_files $uri $uri/ /index.php?$args;
}
location ~ \.(php|html|htm)$ {
fastcgi_cache microcache;
fastcgi_cache_key $scheme$host$request_method$request_uri;
fastcgi_cache_valid 200 304 10m;
fastcgi_cache_use_stale updating;
fastcgi_max_temp_file_size 1M;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
# Local variables to track whether to serve a microcached page or not.
set $no_cache_set 0;
set $no_cache_get 0;
# If a request comes in with a X-Nginx-Cache-Purge: 1 header, do not grab from cache
# But note that we will still store to cache
# We use this to proactively update items in the cache!
if ( $http_x_nginx_cache_purge ) {
set $no_cache_get 1;
}
# If the user has a user logged-in cookie, circumvent the microcache.
if ( $http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) {
set $no_cache_set 1;
set $no_cache_get 1;
}
# fastcgi_no_cache means "Do not store this proxy response in the cache"
fastcgi_no_cache $no_cache_set;
# fastcgi_cache_bypass means "Do not look in the cache for this request"
fastcgi_cache_bypass $no_cache_get;
}
}
My site is mostly a Wordpress site with some legacy .htm files with php in them. I am new to NGINX and any help would be greatly appreciated.
Related
I'm trying to make a Nginx configuration where I can have Angular and Symfony both on the same domain but the Symfony on suburl.
The issue is that I'm getting all the time 404 Not Found for the Symfony Config.
My website has a default redirection for the Login and I'm being redirect to the url but after I'm getting the 404. (test.com/api/connect/azure) is the URL I'm being redirected to.
2022/01/10 15:16:15 [error] 23#23: *3 open()
"/var/www/angular/back/public/connect/azure" failed (2: No such file
or directory)
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/test_com.pem;
ssl_certificate_key /etc/nginx/ssl/test_com.pem.com.key;
server_name test.com;
root /var/www/angular/front/dist;
location /api {
alias /var/www/angular/back/public;
index index.php
try_files $uri /index.php$is_args$args;
location ~ \.php$ {
fastcgi_pass php8:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_intercept_errors on;
# When you are using symlinks to link the document root to the
# current version of your application, you should pass the real
# application path instead of the path to the symlink to PHP
# FPM.
# Otherwise, PHP's OPcache may not properly detect changes to
# your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
# for more information).
fastcgi_param SCRIPT_FILENAME $request_filename;
# Prevents URIs that include the front controller. This will 404:
# http://domain.tld/index.php/some-path
# Remove the internal directive to allow URIs like this
internal;
}
}
location / {
try_files $uri $uri/ /index.html;
}
error_log /var/log/nginx/project_error.log;
access_log /var/log/nginx/project_access.log;
}
You have nested your location directives. I also see that you are listening on port 443 but there is no mention of which domain request nginx should respond to.
Consider using subdomains to host the Angular and Symfony applications as follows
angularapp.mydomain.com
symfonyapi.mydomain.com
You should separate the configuration for Angular and Symfony into seprate .conf files.
I'm trying to make a local webserver with nginx php 7.1 and mariadb on windows WSL.
I tried a lot of things, use Kali, use Debian, use Ubuntu, change nginx port instead of 80, I found a few nginx config that I tried but none worked.
My problem is that php don't process throught nginx.
When I try to load a simple php page <?php echo 'ok'; ?> it load infinitly.
But when I restart php7.1-fpm, the page work ! (One time and only if I was trying to load it)
This is my actual default nginx config file :
server {
listen 32000 default_server;
listen [::]:32000 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
# # With php-cgi (or other tcp sockets):
#fastcgi_pass 127.0.0.1:9000;
# I tried this too :
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass 127.0.0.1:9000;
#fastcgi_index index.php;
#include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
When I run php index.php this is working too. But on firefox nothing happen when I load this file. Everything is fine with full html page. I got the nginx welcome page too with no problems.
I don't know where to look anymore. Thanks for reading and if you have any answer, thanks a lot !
Here is mine:
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9123;
fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME D:/web/html$fastcgi_script_name;
include fastcgi_params;
try_files = $uri #missing;
}
Also make sure PHP-CGI is running (and on the right port).
I've successfully installed nginx that uses PHP-FPM but unfortunately I'm having some trouble when loading my php files from a different directory. All my files are located in subdirectories in /var/www/html (e.g. all css-files are located in /var/www/html/css, all javascript-files are located in /var/www/html/js, all php-files are located in /var/www/html/php).
According to this, I changed the root directory path for my php files to /var/www/html/php:
server {
listen 80 default_server;
listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.php home.php;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/html/php;
include snippets/fastcgi-php.conf;
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
Unfortunately, when accessing my nginx server using my web browser, I'm getting error 403 (Forbidden). When accessing my index.php (http://192.168.2.109/index.php) directly, everything works fine. So, I think it means that the file permissions are correct but nginx isn't able to index the /var/www/html/php directory. Furthermore, /var/log/nginx/error.log includes:
2017/05/28 07:49:56 [error] 13678#13678: *1 directory index of "/var/www/html/" is forbidden, client: 192.168.2.101, server: _, request: "GET / HTTP/1.1", host: "192.168.2.109"
I already tried to enable autoindex and add the index specifier in the "location ~ .php$ {" section without success. The result is the same :(
Does anyone has an idea what I'm doing wrong/missing here? All suggestions in Nginx 403 error: directory index of [folder] is forbidden didn't solve my problem.
The problem are easy:
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /var/www/html/php;
include snippets/fastcgi-php.conf;
# # With php7.0-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php7.0-fpm:
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
As I can read, when you request a *.php file, you change the root address. But, when you request "default index", you are requesting /, not a .php
You need a new location, for change root path on / request. Try to use this:
location = / {
root /var/www/html/php;
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
Maybe, on this config, you need to put a "rewrite index.php;", but I didn't know because I've never test this configuration.
Don't think my new location order (location = /) is the same as yours (location /), because my order, with the equal sign, only apply when you request exactly the "main" location without any parameter.
this is the first time i use nginx , and i have two problems with it,
the first one is that i want to redirect http://localhost/project automatically to http://localhot/project/en/ and en is subdirectory on project.
The second problem : in localhost/project/en/ i can see the index.php i mean the main page but every redirecting from the project give me 404 not found like localhost/project/en/people/ or
localhost/project/en/people/article1
NB : i use nginx in windows with drupal and . here is my configuration:
worker_processes 1;
events {
worker_connections 1024;
}
http {
server_tokens on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
ssi off;
#Timeouts
client_body_timeout 5;
client_header_timeout 5;
keepalive_timeout 25 25;
send_timeout 15s;
resolver_timeout 3s;
#Directive sets timeout period for connection with FastCGI-server. It should be noted that this value can't exceed 75 seconds.
fastcgi_connect_timeout 5s;
#Directive sets the amount of time for upstream to wait for a fastcgi process to send data. Change this directive if you have long running fastcgi processes that do not produce output until they have finished processing. If you are seeing an upstream timed out error in the error log, then increase this parameter to something more appropriate.
fastcgi_read_timeout 400s;
#Directive specifies request timeout to the server. The timeout is calculated between two write operations, not for the whole request. If no data have been written during this period then serve closes the connection.
fastcgi_send_timeout 150s;
fastcgi_buffers 8 32k;
fastcgi_buffer_size 32k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
open_file_cache off;
#php max upload limit cannot be larger than this
client_max_body_size 8m;
####client_body_buffer_size 1K;
client_header_buffer_size 1k;
large_client_header_buffers 2 1k;
types_hash_max_size 2048;
include nginx.mimetypes.conf;
default_type text/html;
##
# Logging Settings
##
access_log "c:/wt-nmp/log/nginx_access.log";
error_log "c:/wt-nmp/log/nginx_error.log" warn; #debug or warn
log_not_found on; #enables or disables messages in error_log about files not found on disk.
rewrite_log off;
#Leave this off
fastcgi_intercept_errors off;
gzip off;
index index.php index.htm index.html;
server {
listen 127.0.0.1:80 default_server;
#listen [::1]:80 ipv6only=on;
server_name localhost;
root "c:/wt-nmp/www/";
autoindex on;
allow 127.0.0.1;
#allow ::1;
deny all;
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
# deny all;
}
location /project {
index index.php;
try_files $uri $uri/ #handler;
}
location #handler { rewrite / /project/en/index.php; }
location ~ ^/en/ {
root "c:/wt-nmp/www/project";
try_files $uri $uri/ /en/index.php?$args;
}
#tools are now served from wt-nmp/include/tools/
location ~ ^/tools/.*\.php$ {
root "c:/wt-nmp/include";
try_files $uri =404;
include nginx.fastcgi.conf;
fastcgi_pass php_farm;
}
location ~ ^/tools/ {
root "c:/wt-nmp/include";
}
location ~ \.php$ {
# try_files $uri =404;
# fastcgi_pass php_farm;
fastcgi_pass 127.0.0.1:9000;
include nginx.fastcgi.conf;
}
}
include domains.d/*.conf;
include nginx.phpfarm.conf;
}
WPN-XM Server Stack
Installation Instructions for Drupal 7
with "Clean URLs"
Installation Steps:
Download http://ftp.drupal.org/files/projects/drupal-7.34.zip
Extract into c:\wpn-xm\www
rename versionized folder to just "drupal" = full path to drupal = c:\wpn-xm\www\drupal
run drupal install - http://localhost/drupal/install.php
activate missing PHP extensions: maybe gd2, mbstring, then restart php
reload install page, all green, proceed to database dialog
before filling the database dialog, create database "drupal" in adminer, then use that as db in dialog
proceed with install steps until done
Browse: http://localhost/drupal/
Ok, you just installed Drupal on localhost.
URL Rewriting and Clean URLs Steps:
After the installation, 3 things are needed to get short URLs working:
provide new host "http://drupal.dev"
add a Nginx Configuration for URL rewriting
enabling "Clean URLs" in the Drupal Configuration
Important Notice
The short/nice/clean URLs work only for URLs starting with
"http://drupal.dev/" not for "localhost". Using megaphone: not working
with "http://localhost/..." - use "http://drupal.dev/...".
Add "drupal.dev" to hosts file
You need to add "drupal.dev" to your "hosts" file.
manually or
via the WPN-XM Server Control Panel - Steps:
right-click tray icon - "Manage Hosts"
"Add" - Data "127.0.01" "drupal.dev"
Click Ok.
The Windows Permissions Dialog pops up.
Click Ok, to allow writing to the "hosts" file.
If Anti-Virus tool blocks writing to the hosts file, disable AV it, repeat the steps, enable it again.
Check: http://drupal.dev/?q=admin - ok
-
**Add a Nginx server block for Drupal7 **
Use the following Nginx config file to activate rewriting URLs:
https://github.com/WPN-XM/software/blob/master/nginx/config/conf/domains-disabled/drupal7.conf
You might use an include directive in your main nginx.conf to load it.
Restart or rehash Nginx to activate the new configuration.
You can now start using the URL "http://drupal.dev" in your browser.
Important is the the following directive in your server block
# Make site accessible from http://drupal.dev/
server_name drupal.dev;
and the rewrite rule rewrite ^/(.*)$ /index.php?q=$1;.
Check: http://drupal.dev/admin
Activate "Clean URLs" in Drupal Configuration
Testing "Clean URLs"
http://drupal.dev/admin/config/search/clean-urls/check
Response: {"status":true}
Enabling "Clean URLs" (b)
http://drupal.dev/admin/config/search/clean-urls
Check Checkbox & Save.
Links in the menu should appear in "Clean URL" form without "?q=".
Final Checks:
Hover links in the menu and check for short URLs. - ok
http://drupal.dev/admin - ok
http://drupal.dev/user/login - ok
Done.
I think I'll cross post to stackoverflow as well; Here's my issue:
I have installed an ssl certificate on my server, and read a whole lot and did all the different suggested things, but I cannot seem to get the $_SERVER['HTTPS'] variable to show up. Someone please help. Here's my config:
Server:
Linode
Ubuntu 8.02LTS
nginx - latest
created a vhost:
server {
listen 443;
server_name www.buzzonstage.com;
rewrite ^/(.*) https://buzzonstage.com/$1 permanent;
}
server {
listen 443;
server_name buzzonstage.com;
ssl on;
ssl_certificate /usr/local/nginx/conf/buzzonstage.com.pem;
ssl_certificate_key /usr/local/nginx/conf/buzzonstage.com.key;
access_log /home/maksimize/public_html/buzzonstage.com/log/access.log;
error_log /home/maksimize/public_html/buzzonstage.com/log/error.log;
location / {
root /home/maksimize/public_html/buzzonstage.com/public/;
index index.php index.html;
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?q=$1 last;
}
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/maksimize/public_html/buzzonstage.com/public/$fastcgi_script_name;
fastcgi_param HTTPS on;
}
}
server {
listen 80;
server_name www.buzzonstage.com;
rewrite ^/(.*) http://buzzonstage.com/$1 permanent;
}
server {
listen 80;
server_name buzzonstage.com;
access_log /home/maksimize/public_html/buzzonstage.com/log/access.log;
error_log /home/maksimize/public_html/buzzonstage.com/log/error.log;
location / {
root /home/maksimize/public_html/buzzonstage.com/public/;
index index.php index.html;
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?q=$1 last;
}
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/maksimize/public_html/buzzonstage.com/public/$fastcgi_script_name;
The verification from digicert comes back accurate, but I get a message saying that some info may not be secure - I understand this is the case because of the various links to non-secure pages on the site. The phpinfo shows up green https;
But in order for a certain drupal module to work - securepages - I need to be able to show a that variable in the $_SERVER array. Can someone please help?
Thanks!
That Twitter module is breaking SSL. Modify it so it will pass only through SSL (requires rewriting the widget so it loads locally, yes it's possible), and everything should work.
The phpinfo shows up green https;
This is good. Because phpinfo works with $_SERVER['HTTPS'] variable. And it's certainly defined.
but I get a message saying that some info may not be secure
But in order for a certain drupal module to work - securepages
I need to be able to show a that variable in the $_SERVER array.
Hmm, may be this modules trying to work without https? For example through AJAX?
And where they getting answer, HTTPS is not defined.
Try to check this, by adding fastcgi_param HTTPS on; to NON https section of your config. I think all will start working. But obvious, it's a cheat...