I am using WordPress with Nginx but whenever I try to enable caching of static files they turn to 404 not found.
This is my /etc/nginx/conf.d/default.conf file:
server {
listen 80;
server_name _;
# SSL configuration
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/shivampaw.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/shivampaw.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_timeout 30m;
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 8k;
add_header Strict-Transport-Security max-age=31536000;
location / {
root /home/shivam/sites/shivampaw.com;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /home/shivam/sites/shivampaw.com;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json applicationx-javascript text/xml application/xml application/xml+rss text/javascript;
include wordpress/wordpress.conf;
And this is the WordPress.conf file:
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~ /\. {
deny all;
}
# Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
With that, it works fine. But if I add
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
To the end of wordpress.conf and restart nginx and reload my site all the static files come up with 404.
So I have to comment that caching out and it works fine.
Any ideas?
This means that if I include wp-rocket.conf (I use it) it also gives a 404 because wp-rocket.conf has caching stuff in it.
So basically, why can't i cache static files?
It's because you've defined your root in the root location block. So the other location blocks don't know about it. This is bad practice (see here). These location blocks don't know where to look for the files.
You should have the root /home/shivam/sites/shivampaw.com; above your location / { block and then add the try_files $uri $uri/ /index.php?$args to each of your static blocks.
Another way to do it is to keep your config, but add alias /path/to/static/files/; to each block.
Related
I am struggling with this from quite sometime now and thought to ask the community.
I have recently started working on digital ocean and nginx. I was using apache earlier.
I have a simple wordpress website that works fine in local but when pushed on droplet server using nginx the site is not working properly.
The landing page is working fine but when i route to different link I get 404 error page from nginx.
I feel this is because of htaccess file that is not getting picked up in nginx and I have to rewrite rules in nginx but nothing worked.
Here is my configuration file for nginx.conf file, sites-available/default file
sites-available/default
server {
listen 80;
server_name martinschildrenacademy.com www.martinschildrenacademy.com;
return 301 https://$host$request_uri;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
# Default server configuration
#
server {
# listen 80 default_server;
# listen [::]:80 default_server;
listen 443 ssl;
server_name martinschildrenacademy.com www.martinschildrenacademy.com;
ssl_certificate /etc/letsencrypt/live/martinschildrenacademy.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/martinschildrenacademy.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name martinschildrenacademy.com;
# pass PHP scripts to FastCGI server
#
location ~ \.php$ {
include snippets/fastcgi-php.conf;#
# # With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 100M;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Any suggestion that could help me to solve this issue?
You have two server blocks in your sites-available/default file. The first server block receives HTTP requests and then responds with redirect instructions to the HTTPS version defined with the second server block. You only need to keep the first 3 lines inside the first block and remove the rest like this:
server {
listen 80;
server_name martinschildrenacademy.com www.martinschildrenacademy.com;
return 301 https://$host$request_uri;
}
Nginx configuration for WordPress must have the following location block to work correctly:
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
So you must insert the location block into the second server block. You did. And it worked.
Just got this working.
Not sure why but I just moved this line
location / {
# This is cool because no php is touched for static content.
# include the "?$args" part so non-default permalinks doesn't break when using query string
try_files $uri $uri/ /index.php?$args;
}
in default.config file from top to bottom server block. And it worked.
Try this:
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
My CSS and JS files are showing up as 404 / File Not Found. It is the "Laravel 404" page, not the "Nginx 404" page that is being shown, which makes me think it could be a Laravel issue, but I'm not sure. The rest of my site and the Laravel app in the sub-directory are working fine.
I have Nginx serving a regular PHP web site (PHP-FPM) from the default root at /
I also have Nginx serving a Laravel app from /todos/
But the images from under /todos/ (the Laravel app) are all showing up as 404. The file system location is /todos/public/css/ and /todos/public/js/ accordingly.
I'm guessing this is an Nginx issue, but I'm not sure. It might be a Laravel issue. Do I need to set a Route in /routes/web.php for css and js files in Laravel?
This is a pretty vanilla Bitnami Ubuntu install.
Here are my Nginx config files:
Contents of nginx.conf:
user daemon daemon;
worker_processes auto;
error_log "/opt/bitnami/nginx/logs/error.log";
pid "/opt/bitnami/nginx/logs/nginx.pid";
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
client_body_temp_path "/opt/bitnami/nginx/tmp/client_body" 1 2;
proxy_temp_path "/opt/bitnami/nginx/tmp/proxy" 1 2;
fastcgi_temp_path "/opt/bitnami/nginx/tmp/fastcgi" 1 2;
scgi_temp_path "/opt/bitnami/nginx/tmp/scgi" 1 2;
uwsgi_temp_path "/opt/bitnami/nginx/tmp/uwsgi" 1 2;
access_log "/opt/bitnami/nginx/logs/access.log";
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_proxied any;
gzip_vary on;
gzip_types text/plain
text/xml
text/css
text/javascript
application/json
application/javascript
application/x-javascript
application/ecmascript
application/xml
application/rss+xml
application/atom+xml
application/rdf+xml
application/xml+rss
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon
application/atom_xml;
gzip_buffers 16 8k;
add_header X-Frame-Options SAMEORIGIN;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS;
include "/opt/bitnami/nginx/conf/bitnami/bitnami.conf";
Contents of bitnami.conf:
# HTTP server
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
server_name localhost;
return 301 https://$host$request_uri;
location / {
root /opt/bitnami/nginx/html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$query_string;
}
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
# HTTPS server
server {
listen 443 ssl http2;
listen [::]:443 default ipv6only=on;
server_name localhost;
ssl_certificate server.crt;
ssl_certificate_key server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
root /opt/bitnami/nginx/html;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$query_string;
}
location /todos {
try_files $uri $uri/ /todos/index.php?$query_string;
index index.php index.html index.htm;
root /opt/bitnami/nginx/html/todos/public/;
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME /opt/bitnami/nginx/html/todos/public/index.php;
fastcgi_param QUERY_STRING $query_string;
include fastcgi_params;
}
}
## Begin - Security
# deny all direct access for these folders
location ~* /(\.git|cache|bin|logs|backup|tests)/.*$ { return 403; }
# deny running scripts inside core system folders
location ~* /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny running scripts inside user folder
location ~* /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ { return 403; }
# deny access to specific files in the root folder
location ~ /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) { return 403; }
## End - Security
include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
}
include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-vhosts.conf";
Contents of /opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf:
location ~ \.php$ {
root html;
fastcgi_read_timeout 300;
fastcgi_pass unix:/opt/bitnami/php/var/run/www.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
Well, I ended up adding the following location blocks and it worked, turns out alias was the trick:
location /todos/css/ {
alias /opt/bitnami/nginx/html/todos/public/css/;
}
location /todos/js/ {
alias /opt/bitnami/nginx/html/todos/public/js/;
}
I am trying to redirect a 403 Forbidden request to the homepage of our website (index.php). An example URL that is receiving a 403 error message is this URL: https://www.acme.com/dr/mellow/. I tried adding the following line to my configuration file: error_page 403 /index.php;. When I did that, I no longer receive the 403 Forbidden message, I just receive a blank white page. I simply would like to redirect to /index.php. I am currently running an NGINX server. Here is my configuration file:
server {
server_name acme.com;
return 301 $scheme://www.acme.com$request_uri;
}
server {
listen 80;
server_name www.acme.com;
#BEGIN SSL
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/acme.com.chained.crt;
ssl_certificate_key /etc/nginx/ssl/acme.com.key;
# Makes for the most secure connections
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;
#END SSL
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ $uri.html $uri.php?$query_string;
}
error_page 403 =200 /index.php;
error_page 404 /index.php;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
##BEGIN ALLOWING LARGE UPLOADS##
client_max_body_size 100M;
## BEGIN CACHING SETTINGS ##
# Media: images, icons, video, audio, fonts, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|woff)$ {
expires 30d;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 30d;
access_log off;
add_header Cache-Control "public";
}
## END CACHING SETTINGS ##
}
I used this tutorial from DigitalOcean
I am not able to get my vps to work with just one wordpress site with nginx.
Eventually I want to have 2 Wordpress sites on 2 different directories on the same server.
I included all 3 .conf files wordress.conf, common.conf & multisite.conf just like it says in the tutorial.
nginx.conf
user www-data;
worker_processes 1;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss textjavascript;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
My file in /etc/nginx/sites-enabled/example that is symlinked from /etc/nginx/sites-available/example
server {
server_name example.com;
rewrite ^/(.*)$ http://www.example.com/$1 permanent;
}
server {
server_name www.example.com;
root /var/www/example;
access_log /var/log/nginx/www.example.com.access.log;
error_log /var/log/nginx/www.example.com.error.log;
include global/common.conf;
include global/wordpress.conf;
}
wordpress.conf
# WORDPRESS : Rewrite rules, sends everything through index.php and keeps the appended query string intact
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
# SECURITY : Deny all attempts to access PHP Files in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# REQUIREMENTS : Enable PHP Support
location ~ \.php$ {
# SECURITY : Zero day Exploit Protection
try_files $uri =404;
# ENABLE : Enable PHP, listen fpm sock
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# PLUGINS : Enable Rewrite Rules for Yoast SEO SiteMap
rewrite ^/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
#Yeah! you did it.
common.conf
# Global configuration file.
# ESSENTIAL : Configure Nginx Listening Port
listen 80;
# ESSENTIAL : Default file to serve. If the first file isn't found,
index index.php index.html index.htm;
# ESSENTIAL : no favicon logs
location = /favicon.ico {
log_not_found off;
access_log off;
}
# ESSENTIAL : robots.txt
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# ESSENTIAL : Configure 404 Pages
error_page 404 /404.html;
# ESSENTIAL : Configure 50x Pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}
# SECURITY : Deny all attempts to access hidden files .abcde
location ~ /\. {
deny all;
}
# PERFORMANCE : Set expires headers for static files and turn off logging.
location ~* ^.+\.(js|css|swf|xml|txt|ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off; log_not_found off; expires 30d;
}
multisite.conf
# Rewrite rules for WordPress Multi-site.
if (!-e $request_filename) {
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last;
}
I configured the wp-config.php file as well.
Created my MySQL user and made sure the user has access to the database.
Also changed the permissions of /var/www/example with chmod -R 755 .
And I have nothing on my logs:
/var/log/nginx/www.example.com.access.log nor /var/log/nginx/www.example.com.error.log files have been created.
When I curl or telnet I get a connection refused
telnet xxx.xxx.xxx.xx or telnet example.com
Trying xxx.xxx.xxx.xx...
telnet: connect to address xxx.xxx.xxx.xx: Connection refused
telnet: Unable to connect to remote host
curl xxx.xxx.xxx.xx or curl example.com
`curl: (7) Failed to connect to xxx.xxx.xxx.xx port 80: Connection refused`
Im trying to have 2 websites set up on a CENTOS 7, Digital Ocean server.
One site is to be served from /srv/http/eventadvisor.in/public_html and the other from /srv/http/eventadvisor.in/public_html.
I installed drupal seccessfully in the first directory. Now when I repeat the steps in the second, it automatically takes the settings from the first site's settings.php and gives the following error:
Drupal Already Installed
To start over, you must empty your existing database.
To install to a different database, edit the appropriate settings.php file in the sites folder.
To upgrade an existing installation, proceed to the update script.
View your existing site.
I am running a nginx server with the following conf file:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*.conf;
}
And each sites configuration file is:
server {
listen 80;
server_name sanjayshitole.com www.sanjayshitole.com *.sanjayshitole.com;
#charset koi8-r;
#access_log /var/log/nginx/log/host.access.log main;
# location / {
root /srv/http/sanjayshitole.com/public_html;
index index.php index.html index.htm;
# }
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
root /srv/http/eventadvisor.in/public_html;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
I managed to solve the issue by using a modification of the configuration shown in this blog: Lelutin
This is my configuration file that worked well (slight centOS specific modifications were made):
server {
server_name sanjayshitole.com;
root /srv/http/sanjayshitole.com/public_html;
index index.html index.htm index.php;
access_log /var/log/nginx/sanjayshitole.comaccess.log;
error_log /var/log/nginx/sanjayshitole.org.error.log;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# For drush
location = /backup {
deny all;
}
# Prevent user from accessing settings.php directly
location ~ ^/sites/[^/]+/settings.php$ {
deny all;
}
## Replicate the Apache <FilesMatch> directive of Drupal standard
## .htaccess. Disable access to any code files. Return a 404 to curtail
## information disclosure. Hide also the text files.
location ~* ^(?:.+\.(?:htaccess|make|txt|log|engine|inc|info|install|module|profile|po|sh|.*sql|theme|tpl(?:\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ {
return 404;
}
location ~ \..*/.*\.php$ {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri #rewrite;
}
location #rewrite {
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
#rewrite ^/(.*)$ /index.php?q=$1&$args;
rewrite ^ /index.php last;
}
# Use an SSH tunnel to access those pages. They shouldn't be visible to
# external peeping eyes.
location = /install.php {
allow 127.0.0.1;
deny all;
}
location = /update.php {
allow 127.0.0.1;
deny all;
}
location ~ \.php$ {
root /srv/http/sanjayshitole.com/public_html;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
}
## Drupal 7 generated image handling, i.e., imagecache in core. See:
## https://drupal.org/node/371374
location ~* /sites/.*/files/styles/ {
access_log off;
expires 30d;
try_files $uri #rewrite;
}
# Fighting with ImageCache? This little gem is amazing.
location ~ ^/sites/.*/files/imagecache/ {
try_files $uri #rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
}
I would still like an explanation of why the default conf that ships with nginx did not work, so please feel free to answer this question.
SD