I am trying to redirect a 403 Forbidden request to the homepage of our website (index.php). An example URL that is receiving a 403 error message is this URL: https://www.acme.com/dr/mellow/. I tried adding the following line to my configuration file: error_page 403 /index.php;. When I did that, I no longer receive the 403 Forbidden message, I just receive a blank white page. I simply would like to redirect to /index.php. I am currently running an NGINX server. Here is my configuration file:
server {
server_name acme.com;
return 301 $scheme://www.acme.com$request_uri;
}
server {
listen 80;
server_name www.acme.com;
#BEGIN SSL
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/acme.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/acme.com.key;
# Makes for the most secure connections
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
#END SSL
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ $uri.html $uri.php?$query_string;
}
error_page 403 =200 /index.php;
error_page 404 /index.php;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
##BEGIN ALLOWING LARGE UPLOADS##
client_max_body_size 100M;
## BEGIN CACHING SETTINGS ##
# Media: images, icons, video, audio, fonts, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff)$ {
expires 30d;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 30d;
access_log off;
add_header Cache-Control "public";
}
## END CACHING SETTINGS ##
}
Related
My Laravel 5 website redirects to 404. It is installed in a folder.
It is using Laravel 5.6 and Nginx 1.12.1
It is redirecting to 404 instead of my project. Planning to deploy multiple sites.
https://example.com/staging/project/ -> Redirects to 404 instead of opening the page.
Find nginx config
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /var/www/example;
index index.php index.html index.htm;
ssl_certificate "/etc/letsencrypt/live/example.com/fullchain.pem";
ssl_certificate_key "/etc/letsencrypt/live/example.com/privkey.pem";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
location ^~ /staging/project {
alias /var/www/example/staging/project/public;
index index.php
try_files $uri $uri/ /index.php$is_args$args #laravel1;
location ~ \.php {
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
location #laravel1 {
rewrite /staging/project/(.*)$ /staging/project/index.php?/$1 last;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
There's only one thing wrong here which i think you need to change, you are almost there.
Change
root /var/www/example;
To
root /var/www/example/public;
Also always restart Nginx everytime you change the xxx.conf file.
Sudo service nginx restart
I have trouble to run davical (php) web calendar. There is no errol log in nginx error logs. When is calendar under \ location everything work. But when i have calendar under /calendar location. it returns 404.
default server root is: /usr/share/nginx/html/default
calendar index.php path: /usr/share/nginx/html/calendar/davical/htdocs\index.php
os: Centos 7
server {
listen 80 default_server;
server_name my_domain_name;
return 301 https://$server_name$request_uri;
}
Https
server {
listen 443 ssl http2;
server_name my_domain_name;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
ssl on;
ssl_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
ssl_certificate_key "/etc/pki/tls/certs/nginx/privatekey.pem";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_dhparam "/etc/pki/tls/certs/nginx/dhparam.pem";
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
resolver 8.8.8.8 8.8.4.4;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
add_header Strict-Transport-Security "max-age=31536000;includeSubdomains; preload";
root /usr/share/nginx/html/default;
index index.php index.html index.htm;
include /etc/nginx/default.d/php-fpm.conf;
location /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
php-fpm.conf
location ~ \.php$ {
try_files $uri =404;
fastcgi_param HTTPS on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
Your existing location ~ \.php$ block serves the /usr/share/nginx/html/default root. You need a nested location to process PHP files under the /calendar URI.
Assuming that your calendar app is designed to work within a subfolder, this may work for you:
location ^~ /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
index index.php;
if (!-e $request_filename) {
rewrite ^ /calendar/index.php last;
}
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
Use the ^~ modifier to prevent the other location ~ \.php$ block from taking precedence (see this document for more). Use $request_filename, as it works with alias. Avoid using try_files with alias (see this issue).
I am using WordPress with Nginx but whenever I try to enable caching of static files they turn to 404 not found.
This is my /etc/nginx/conf.d/default.conf file:
server {
listen 80;
server_name _;
# SSL configuration
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/shivampaw.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/shivampaw.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
location / {
root /home/shivam/sites/shivampaw.com;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /home/shivam/sites/shivampaw.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json applicationx-javascript text/xml application/xml application/xml+rss text/javascript;
include wordpress/wordpress.conf;
And this is the WordPress.conf file:
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
With that, it works fine. But if I add
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
To the end of wordpress.conf and restart nginx and reload my site all the static files come up with 404.
So I have to comment that caching out and it works fine.
Any ideas?
This means that if I include wp-rocket.conf (I use it) it also gives a 404 because wp-rocket.conf has caching stuff in it.
So basically, why can't i cache static files?
It's because you've defined your root in the root location block. So the other location blocks don't know about it. This is bad practice (see here). These location blocks don't know where to look for the files.
You should have the root /home/shivam/sites/shivampaw.com; above your location / { block and then add the try_files $uri $uri/ /index.php?$args to each of your static blocks.
Another way to do it is to keep your config, but add alias /path/to/static/files/; to each block.
I did the following configurations for nginx server for code igniter and worked correctly , unfortunately there is one case not working.
When I request URL with parameter Like
servername.com/ControllerName/methodName?param=value
I got Not found Page 404
Server Configurations :
server {
# access from localhost only
listen 127.0.0.1:80;
server_name serverName.com;
root API;
log_not_found off;
charset utf-8;
access_log logs/accessservername.log main;
index index.php;
# handle files in the root path /www
location / {
try_files $uri $uri/ /index.php?$args;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root API;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100
#
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass php;
fastcgi_index index.php;
#fastcgi_param PHP_FCGI_MAX_REQUESTS 1000;
#fastcgi_param PHP_FCGI_CHILDREN 100;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REMOTE_ADDR $http_x_real_ip;
include fastcgi_params;
}
# add expire headers and speed up image access with a vary header
location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt|js|css)$ {
expires 30d;
add_header Vary Accept-Encoding;
}
# only allow these request methods
if ($request_method !~ ^(GET|HEAD|POST)$ ){ return 405; }
}
I have cakephp set up with nginx, and before I had nginx set up and url rewriting was working perfectly, such that urls of form: mywebsite.com/cake_project/controller/action worked perfectly. Then I changed the name of the folder cake_project to web, and updated the nginx config file and now when I go to mywebsite.com/web the cakephp works, but If I go to mywebsite.com/web/controller or mywebsite.com/web/controller/action it gives 404.
(My Operating system is Ubuntu, and my CakePHP version is 2.3.9)
Here is what my current nginx config is, sorry I didn't backup my old nginx config :( (that probably would have helped me).
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
alias /usr/share/nginx/html/web/app/webroot;
try_files $uri $uri/ /web/webroot/index.php;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# index index.html index.htm;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
Can Anyone see, what I am doing wrong?
I have similar Nginx configs to this on everything from Nginx 1.4 - 1.8 seems to work well with CakePHP overall especially for the rewriting. Do you have things that are using the IPv6? I would think that stuff could go, if you are sure nothing is using IPv6.
Here is a working example I have working with several CakePHP 2.x project:
server {
listen 80 default_server;
server_name www.example.com;
rewrite ^(.*) https://www.example.com$1 permanent;
}
server {
listen 443 ssl;
access_log /var/log/nginx/www.example.com.access.log;
error_log /var/log/nginx/www.example.com.error.log;
root /var/www/production/app/webroot;
index index.php;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl.crt/www.example.com.intermediate.combined.crt;
ssl_certificate_key /etc/nginx/ssl.key/www.example.com.key;
# For Larger File Uploads
client_max_body_size 28M;
# This is for CakePHP
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
proxy_buffers 4 256k;
proxy_buffer_size 128k;
proxy_busy_buffers_size 256k;
# Cache Headers for Static Files
location ~* \.(?:ico|css|js|gif|jpe?g|png|swf)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Pass the PHP scripts to FastCGI server
# listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_pass_header Set-Cookie;
fastcgi_ignore_headers Cache-Control Expires;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffers 4 256k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
include fastcgi_params;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
# Deny access to .htaccess files,
# git & svn repositories, etc
location ~ /\.(ht|git|svn) {
deny all;
}
}
Here is another option that might work for you:
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
rewrite ^/web$ /web/ permanent;
rewrite ^/web/(.+)$ /$1 break;
root /usr/share/nginx/html/web/app/webroot;
try_files $uri /$uri/ #cakephp;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# Other PHP Files - Non-CakePHP
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# For CakePHP
location #cakephp {
set $q $request_uri;
if ($request_uri ~ "^/web(.+)$") {
set $q $1;
}
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/web/app/webroot/index.php;
fastcgi_param QUERY_STRING url=$q;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
include fastcgi_params;
}
}