On my site conf I have:
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* \.(ttf|ttc|otf|eot|woff|font.css|css|ico|js|gif|jpe?g|png|less|txt)$ {
etag on;
access_log off;
log_not_found off;
expires 180d;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
add_header 'Access-Control-Allow-Origin' "*";
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_read_timeout 5m;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
fastcgi_max_temp_file_size 0;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
But then I try to access http://my-site-url/images/profiles/uid-of-my-image.jpg It's not being redirecting to php, where I have a script that generates this image.
Try adding a root directive specifying where the static files live along with try_files $uri $uri/ /index.php?$args; in your second location block that you've provided. Below is a sample config:
...
location ~* \.(ttf|ttc|otf|eot|woff|font.css|css|ico|js|gif|jpe?g|png|less|txt)$ {
root /absolute/path/to/static/files;
try_files $uri $uri/ /index.php?$args;
etag on;
access_log off;
log_not_found off;
expires 180d;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
add_header 'Access-Control-Allow-Origin' "*";
}
...
Related
My application includes a vue only frontend with api written in laravel. The way I want to set it up like this:
http://myapp.local --> Points to the vue frontend.
http://myapp.local/api --> Points to the laravel application api routes.
This is my nginx config:
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Hitting http://myapp.local/api opens the root laravel route. But if I open any other route in my application I get an 500 Internal Server
Error.
This is the error in nginx's error log:
2019/09/09 15:58:18 [error] 20954#20954: *10 rewrite or internal redirection cycle while redirect to named location "#api", client:
127.0.0.1, server: myapp.local, request: "GET /api/admin/features HTTP/1.1", host: "myapp.local"
Update
I have managed to make it work somehow, this is what the updated config looks like
server {
listen 80;
server_name *.myapp.local;
root /var/www/myapp-api/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.php;
charset utf-8;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location / {
root /var/www/myapp-frontend/dist;
try_files $uri $uri/ /index.html = 404;
}
location /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite ^/api/(.*)$ /api/index.php?/$1 last; # THIS IS THE IMPORTANT LINE
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
#error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
I have one small problem though, everytime I access the api routes I need to write /api twice in order to get the correct address. For example like this http://myapp.local/api/api/login. /api/login is the actual route, and http://myapp.local/api/ points to the laravel application, so needing to write /api twice makes sense. But would it be anyhow possible to just use http://myapp.local/api/login to access /api/login route?
Add the location / for the vue.js interpreter
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Used the port 3000 as example in here. Set it to your node listening port.
I have a Magento install with standard NGINX config below. I need to enable connection to certain .php files in /var/www/html in order to connect with third party software. The files are ThirdPartySoftware.php and I would only like those certain files to be publicly accessible. They also take arguments to url is like /ThirdPartySoftware.php?Token=2313425wfwfwe for an example.
upstream fastcgi_backend {
server unix:/var/run/php/php7.1-fpm.sock;
}
server {
listen 80;
server_name mage.dev;
set $MAGE_ROOT /var/www/html;
}
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version[^/]+/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
# PHP entry point for main application
location ~ (index|get|static|report|404|503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.htaccess$|\.git) {
deny all;
}
Try adding these lines in conf file of nginx
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/__PATH_TO_DIR_$fastcgi_script_name;
include fastcgi_params;
}
try to put this inside your server block:
location ~/ThirdPartySoftware.php {
root $MAGE_ROOT;
fastcgi_pass fastcgi_backend;
fastcgi_index ThirdPartySoftware.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
Seems like you deny all php access except those declared explicitly on location. So I Think if those config work for you, you just need to treat your problem like update or main application location block.
Currently, I'm getting an error that the laravel image intervention package always return 404 error every time I try to access an image via URL manipulation.
My images are stored in 'storage/app/images' folder
My nginx config:
server {
listen 80;
server_name ######;
rewrite ^(.*) http://#####$1 permanent;
}server {
listen 80;
# access_log off;
access_log /home/#####/logs/access.log;
# error_log off;
error_log /home/#####/logs/error.log;
root /home/######/public_html/dtu-feedback-api/public;
index index.php index.html index.htm;
server_name ######;
# Custom configuration
include /home/######/public_html/dtu-feedback-api/*.conf;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 32k;
fastcgi_buffers 8 16k;
fastcgi_busy_buffers_size 32k;
fastcgi_temp_file_write_size 32k;
fastcgi_intercept_errors on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\. {
deny all;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
gzip_static off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
expires 30d;
break;
}
location ~* \.(txt|js|css)$ {
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
expires 30d;
break;
}
}
And here is the log:
*1 open() "/home/#####/public_html/dtu-feedback-api/public/imagecache/medium/placeholder1.png" failed (2: No such file or directory)
Look like it tried to find the images in the imagecache path instead of the storage path.
So could you please help me with this error, thank you.
I found the solution, after I remove the
location ~* \.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|eot|svg|ttf|woff)$ {
gzip_static off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
expires 30d;
break;
}
Then the image link starts working
I am trying to set up Flarum in a subdirectory of Laravel. The installation went fine, but I have a few problems.
If I try to access admin panel -> NotFoundHttpException in RouteCollection.php line 161:
Notifications -> 404 Not Found GET GET http://axiom.app/forum/api/notifications
Make a discussion -> 404 Not Found POST http://axiom.app/forum/api/discussions
Running homestead with nginx. This is the configuration block
server {
listen 80;
listen 443 ssl;
server_name axiom.app;
root "/home/vagrant/Code/axiom/public";
index index.html index.htm index.php;
location /api { try_files $uri $uri/ /api.php?$query_string; }
location /admin { try_files $uri $uri/ /admin.php?$query_string; }
location /flarum {
deny all;
return 404;
}
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/axiom.app-error.log error;
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location ~ /\.ht {
deny all;
}
location ~* \.html$ {
expires -1;
}
location ~* \.(css|js|gif|jpe?g|png)$ {
expires 1M;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types application/atom+xml
application/javascript
application/json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/xml;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
ssl_certificate /etc/nginx/ssl/axiom.app.crt;
ssl_certificate_key /etc/nginx/ssl/axiom.app.key;
}
Any idea how to fix this? Thanks in advance
Found the answer.
location /api { try_files $uri $uri/ /api.php?$query_string; }
location /admin { try_files $uri $uri/ /admin.php?$query_string; }
need to be relative to flarum
location /forum/api { try_files $uri $uri/ /forum/api.php?$query_string; }
location /forum/admin { try_files $uri $uri/ /forum/admin.php?$query_string; }
location /forum/ { try_files $uri $uri/ /forum/index.php?$query_string; }
The last line needs to be added to the block.
I'm working on a website that has copies of the same images in various sizes e.g.
/images/200x100/someimage.jpg
/images/400x200/someimage.jpg
etc.
The images are served directly by Nginx and only php requests get passed to the fastcgi.
If an image can't be found I would like to pass the request to fastcgi so that I can see if we can generate a version of the image in the correct size and then return that.
I just can't get it working - if the image is missing I can get it to call the script I want (instead of just returning a 404) BUT it is just returning the source of the php script.
This is the relevant part of my conf file:
location ~ (^|/)\. {
return 404;
}
location /imgs {
location ~ \.php$ {return 403;}
}
#Static Contents
location ~* ^.+.(jpg|jpeg|png|gif|bmp)$ {
try_files $uri /$uri #backend;
add_header Pragma "public";
add_header Cache-Control "public";
expires 1y;
access_log off;
log_not_found off;
}
# Static Contents
location ~* ^.+.(ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|eot|woff|svg|htc)$ {
add_header Pragma "public";
add_header Cache-Control "public";
expires 1y;
access_log off;
log_not_found off;
}
location / {
# Check if a file exists, or route it to index.php.
try_files $uri $uri/ /index.php?$query_string;
}
location ~\.php$ {
try_files $uri =404;
fastcgi_pass unix:/dev/shm/apache-php.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location #backend {
#return 410;
rewrite ^(.*)$ /image.php?url=$1;
fastcgi_pass unix:/dev/shm/apache-php.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
A missing image will then pass into the location #backend but I can't pass the $uri to a script.
I've been through all kinds of variations what am I doing wrong? Any suggestions gratefully appreciated! Thanks.
Update
I've got this working in another VM perfectly (I copied the backend block and images blocks into the other conf file) - the only difference is that the one that works is using Apache instead of fastcgi.
The problem was a just a typo.
I was trying to rewrite to /image.php it should have been /images.php
The working version of the above conf file is as follows:
location ~ (^|/)\. {
return 404;
}
location /imgs {
location ~ \.php$ {return 403;}
}
#Static Contents
location ~* ^.+.(jpg|jpeg|png|gif|bmp)$ {
try_files $uri /$uri #backend;
add_header Pragma "public";
add_header Cache-Control "public";
expires 1y;
access_log off;
log_not_found off;
}
# Static Contents
location ~* ^.+.(ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|eot|woff|svg|htc)$ {
add_header Pragma "public";
add_header Cache-Control "public";
expires 1y;
access_log off;
log_not_found off;
}
location / {
# Check if a file exists, or route it to index.php.
try_files $uri $uri/ /index.php?$query_string;
}
location ~\.php$ {
try_files $uri =404;
fastcgi_pass unix:/dev/shm/apache-php.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location #backend {
rewrite ^(.*)$ /images.php?url=$1;
}