I have configured http->https redirection + non-www->www redirection.
I want to exclude two paths, so that they won't be redirected to https.
I have tried many possible configuration, I either get a 404 or I get redirected to the https version.
Here's the current config, which returns a 404, when trying to get a /loc2/ path (#curl http://www.server.dev/loc2/18a9BM4Lay):
server {
listen 80;
listen [::]:80;
server_name server.dev;
location / {
return 301 https://$server_name$request_uri;
}
location /loc1/ {
try_files $uri $uri/ /index.php?$args;
}
location /loc2/ {
try_files $uri $uri/ /index.php?$args;
}
}
server {
listen 80;
listen [::]:80;
server_name www.server.dev;
root /var/www/web/server/public;
location / {
# return 301 https://$server_name$request_uri;
}
location ^~ /loc1/ {
# root /var/www/web/server/public;
index index.php;
# try_files $uri $uri/ /index.php?$args;
include pool_web.conf;
}
location ^~ /loc2/ {
# root /var/www/web/server/public;
index index.php;
# try_files $uri $uri/ /index.php?$args;
location ~ \.php$ {
# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;
# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
include fastcgi.conf;
fastcgi_read_timeout 360s;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/server-php7.0-fpm.sock;
}
# include pool_web.conf;
}
}
server {
# listen 80;
# listen [::]:80;
listen 443 ssl http2;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
server_name server.dev;
rewrite ^ $scheme://www.server.dev$request_uri? permanent;
}
server {
# listen 80;
listen 443 ssl http2;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
server_name www.server.dev;
root /var/www/web/server/public;
index index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location /images/ {
try_files $uri =404;
}
location ~ \.php$ {
include pool_web.conf;
}
location ~ \.(css|htc|less|js|js2|js3|js4)$ {
expires 31536000s;
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public";
}
location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|eot|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|mpp|otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|ttf|ttc|wav|wma|wri|woff|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
add_header Pragma "public";
add_header Cache-Control "max-age=31536000, public";
}
}
You need to add a try_files statement to define a default handler. The index directive only works if a directory is specified.
For example:
location ^~ /loc2/ {
try_files $uri $uri/ /loc2/index.php;
...
}
See this document for details.
Related
We have a website where we are using a Laravel for the part available to the end-user, and an older legacy codebase for the admin panel.
Currently root is the public folder for the currently deployed version.
The website folder structure looks something like this:
admin/
|____index.php <-- desired entrypoint for admin-related requests
app/
public/
|____index.php <-- main entrypoint for website
resources/
routes/
So, when someone wants to access the admin panel they go to example.com/admin
Here's the current nginx configs file we are using.
example.com
server {
server_name example.com;
root /var/www/example.com/current/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /admin {
proxy_pass http://localhost:3000;
}
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
example.com/admin
server {
listen 3000;
server_name example.com;
root /var/www/example.com/current/admin;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
I'm not very well versed in nginx server configuration and would love som assistance on this.
EDIT 1
Config file using map:
EDIT 2
Updated the config below with the changes made to make it work.
map $uri $siteroot {
# This didn't work, per the accepted answer.
# ^/admin /var/www/example.com/current/admin;
# This works great!
^/admin /var/www/example.com/current;
default /var/www/example.com/current/public;
}
server {
server_name example.com;
root $siteroot;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name example.com;
return 404; # managed by Certbot
}
If you try changing root directory, Nginx will shows not found error.
Because, Nginx tries find file with request path even you changed root.
For example, If you change root directory for /admin path to /app/admin, Nginx will find file in /app/admin/admin. That's why you can't reach file.
Try insert rewrite /admin(.*) $1 break; line at /admin location block and set root path, or use alias expression.
I would use map directive for this, something like
map $uri $siteroot {
~^/admin /var/www/example.com/current/admin;
default /var/www/example.com/current/public;
}
server {
server_name example.com;
root $siteroot;
...
}
I have configured nginx with multiple locations, one for a laravel project and another for a native php project.
Laravel project is working perfectly, but the second location seems to give:
"403 Forbidden nginx/1.14.0 (Ubuntu) "
Here is my default file:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/html/washyapi/public;
try_files $uri $uri/ index.php$is_args$args;
index index.html index.htm index.php;
server_name 167.71.239.178;
location / {
try_files $uri $uri/ index.php$is_args$args;
try_files $uri $uri/ /index.php?$query_string;
#index index.php;
}
location /admin {
root /var/www/html/;
#autoindex on;
#autoindex_exact_size off;
index index.php;
#try_files $uri /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}
after few days of struggling, here what i have done to make it work.
Here's the working configuration to have two apps working, where one application exists in a subdirectory of another.
default file :
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/top/public;
index index.html index.htm index.php;
server_name _;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /nested {
alias /var/www/nested/public;
try_files $uri $uri/ #nested;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
}
location #nested {
rewrite /nested/(.*)$ /nested/index.php?/$1 last;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
}
don't forget to restart the nginx server :
service nginx restart
/etc/nginx/conf.d/default.conf
server{
listen 80;
listen [::]:80;
server_name 192.168.56.101 192.168.101.100 localhost;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
my codeigniter folder is 'ci' which is located in /var/www/html/ci
what configuration do I need to work url rewriting?...
I didn't want to change the current document root (/var/www/html)
since my 'ci' folder is located at /var/www/html/ci.
So instead, I created a new location block in /etc/nginx/conf.d/default.conf:
server{
...
location /ci {
try_files $uri $uri/ /ci/index.php?/$request_uri;
}
...
}
Thanks to Mert Öksüz for suggesting to use try_files $uri $uri/ /ci/index.php?/$request_uri;.
This one also work:
location /ci {
try_files $uri $uri/ /ci/index.php?$query_string;
}
Change your root to root /var/www/html/ci
Change your try_files to try_files $uri $uri/ /index.php?/$request_uri;
Be sure your fpm path (unix:/var/run/php-fpm/php-fpm.sock;) is correct.
I faced same problem and modified a little bit nginx conf from this site https://gist.github.com/yidas/30a611449992b0fac173267951e5f17f
server {
listen 80;
# For https
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name sc.hr;
root /var/www/sc/hr/;
index index.php index.html index.htm;
# set expiration of assets to MAX for caching
#location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
# expires max;
# log_not_found off;
#}
location / {
# Check if a file or directory index file exists, else route it to index.php.
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
# Deny for accessing .htaccess files for Nginx
location ~ /\.ht {
deny all;
}
# Deny for accessing codes
location ~ ^/(application|system|tests)/ {
return 403;
}
}
This conf worked on my laradock nginx container.
This worked for me
location ~* \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include fastcgi.conf;
}
In case someone looking for CI 4 nginx on ubuntu 18.04 configuration :
root /var/www/ci/public;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# this is not working for the first get argument :
# try_files $uri $uri/ /index.php?/$request_uri;
# use this :
try_files $uri $uri/ /index.php$is_args$args;
}
I'm in this weird situation, I set up my nginx and everything is working fine until I change the index file of the second host from index.html to index.php. When I make this change the second host show a blank page.
#
# HOST 1
#
server {
listen 80;
listen [::]:80;
server_name domain1.com;
root /var/www/Folder1/public;
index index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
#
# HOST 2
#
server {
listen 80;
listen [::]:80;
server_name domain2.com;
root /var/www/Folder2/public;
index index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Settings are the same but meanwhile for the first are working perfect, for the second no.
Thanks in advance.
i have a nginx server running and want to remove the .php extension from my files. I have allready tried a few things but the only thing i managed to accopmplish was breaking the fastcgi proccessing leading into downloading php files. The server is running fine with the following configuration:
##
# Virtual Host configuration for example.com
##
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GC$
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/dhparams.pem;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /usr/share/nginx/html/example/;
index index.php;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
location /uploads {
deny all;
}
error_page 404 /templates/404.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* \.(?:ttf|ttc|otf|eot|woff|font.css|jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\. {
deny all;
}
}
Thank you for your effort and time.
##
# Virtual Host configuration for example.com
##
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GC$
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/dhparams.pem;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /usr/share/nginx/html/example/;
index index.php;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ #extensionless-php; // add #extensionless-php
}
location /uploads {
deny all;
}
error_page 404 /templates/404.php;
location ~ \.php$ {
try_files $uri =404; // add this
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location #extensionless-php { // add this block
rewrite ^(.*)$ $1.php last;
}
location ~* \.(?:ttf|ttc|otf|eot|woff|font.css|jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\. {
deny all;
}
}
from this site http://www.tweaktalk.net/60/nginx-remove-php-file-extension-from-url