I cloned my code on the server which is running with Nginx. After composer install, i can open the home pages of Laravel. But when i goto other pages, it returns access denied. The address is similar to www.xx.com/index.php/xx.
The nginx logs and laravel logs only shows 403.
Here is nginx config:
user www www;
worker_processes auto;
error_log /data/wwwlogs/error_nginx.log crit;
pid /var/run/nginx.pid;
worker_rlimit_nofile 51200;
events {
use epoll;
worker_connections 51200;
multi_accept on;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 1024m;
sendfile on;
tcp_nopush on;
keepalive_timeout 120;
server_tokens off;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 128k;
#Gzip Compression
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 6;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
text/xml application/xml application/atom+xml application/rss+xml application/xhtml+xml image/svg+xml
text/javascript application/javascript application/x-javascript
text/x-json application/json application/x-web-app-manifest+json
text/css text/plain text/x-component
font/opentype application/x-font-ttf application/vnd.ms-fontobject
image/x-icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
#If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
######################## default ############################
server {
listen 80;
server_name xx.com www.xx.com;
access_log /data/wwwlogs/access_nginx.log combined;
root /data/wwwroot/default/public/;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /nginx_status {
stub_status on;
access_log on;
allow 127.0.0.1;
deny all;
}
location ~ [^/]\.php(/|$) {
#fastcgi_pass remote_php_ip:9000;
fastcgi_pass unix:/dev/shm/php-cgi.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
}
########################## vhost #############################
include vhost/*.conf;
}
You can try like below:
location / {
try_files $uri $uri/ /index.php?$query_string;
}
I hope to solve your problem.
Related
our backend for some reason puts request together with response.
like, when js sends post/get/whatever request with name=hello&pass=hell
the response from php should be {result:true}
but instead we are getting name=hello&pass=hell{result:true}
example screenshot
its 100% not js or php issue, we tested the same exact scripts on different server - no issues there.
server we are having issues with is running nginx, here is how config looks like. no idea where to search for the error
user www-data;
worker_processes auto;
worker_rlimit_nofile 65535;
pid /var/run/nginx.pid;
events {
worker_connections 100000;
multi_accept on;
}
http {
## Basic Settings ##
client_body_timeout 20s; # Use 5s for high-traffic sites
client_header_timeout 20s; # Use 5s for high-traffic sites
client_max_body_size 1024m;
keepalive_timeout 20s;
port_in_redirect off;
sendfile on;
server_names_hash_bucket_size 64;
server_name_in_redirect off;
server_tokens off;
tcp_nodelay on;
tcp_nopush on;
types_hash_max_size 2048;
## DNS Resolver ##
# If in China, enable the OpenDNS entry that matches your network connectivity (IPv4 only or IPv4 & IPv6)
# OpenDNS (IPv4 & IPv6)
#resolver 208.67.222.222 208.67.220.220 [2620:0:ccc::2] [2620:0:ccd::2];
# OpenDNS (IPv4 only)
#resolver 208.67.222.222 208.67.220.220;
# Google Public DNS (IPv4 & IPv6)
#resolver 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844];
# Google Public DNS (IPv4 only) [default]
resolver 8.8.8.8 8.8.4.4;
##
# Protect Dos
##
limit_req_zone $binary_remote_addr zone=dos:10m rate=4000r/s;
limit_req zone=dos burst=1000;
limit_req_status 503;
## MIME ##
include /etc/nginx/mime.types;
default_type application/octet-stream;
## Logging Settings ##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
## Gzip Settings ##
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 5;
gzip_disable "msie6";
gzip_min_length 256;
gzip_proxied any;
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-javascript
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/javascript
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy
text/x-js
text/xml;
gzip_vary on;
# Proxy Settings
proxy_cache_path /tmp/engintron_dynamic levels=1:2 keys_zone=engintron_dynamic:20m inactive=10m max_size=500m;
proxy_cache_path /tmp/engintron_static levels=1:2 keys_zone=engintron_static:20m inactive=10m max_size=500m;
proxy_temp_path /tmp/engintron_temp;
## Virtual Host Configs ##
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name [censored];
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
server {
server_name brokenshit.[censored].com www.brokenshit.[censored].com;
root /var/www/html/Production;
index index.php;
rewrite ^/l/(.*)$ /lead_details.php?id=$1 last;
rewrite ^/cb/(.*)$ /lead_cob.php?id=$1 last;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass localhost:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
UPDATE
sending requests from postman to this server - no issues, normal response without any unnecessary strings
UPDATE 2
service php7.4-fpm restart helps for a short period of time
auto_prepend_file = none in php.ini helps for a short period of time
pfpinfo(); is indeed showing different auto_prepend_file, allow_url_include and disable_functions parameters each time you refresh the page
seems like changing listen from 9000 to 127.0.0.1:9000 in /etc/php/7.4/fpm/pool.d/www.conf solved the request in response issue
I have a dedicated server with this hardware configs:
CPU: Intel(R) Xeon(R) Gold 6226R CPU # 2.90GHz
RAM: 64GB
Disk: SSD 512GB
My stack is:
SO: Ubuntu latest LTS
Web Server: Nginx 1.18.0
Language: PHP 7.4
Database: MariaDB 10.3.25
Currently, the TTFB is around 400ms and I have some problems with slow requests on Wordpress dashboard and site performance.
I know about the optimizations in site side but, I tested some stuffs to get the real problem: Server Side.
I have more than 200 sites, all in Wordpress and "Tiedye", using just the best plugins. All of this is connected to Cloudflare with the best options and with cache plugin (WP Rocket).
About the configs of the software, follow:
NGINX
user www-data;
worker_processes auto;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log crit;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
#BASIC CACHE
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
access_log off;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
send_timeout 2;
keepalive_requests 100000;
reset_timedout_connection on;
types_hash_max_size 2048;
#LARGE URL, LARGE REQUESTS AND SIZES IMPROVE
large_client_header_buffers 4 256k;
client_max_body_size 500M;
client_header_buffer_size 3M;
client_body_buffer_size 128k;
client_body_timeout 30m;
client_header_timeout 30m;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
server_names_hash_bucket_size 512;
#SSL
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
ssl_buffer_size 4k;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 1h;
#DEFAULT
include /etc/nginx/mime.types;
default_type application/octet-stream;
#SECURITY
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m; limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
#COMPRESS AND CACHE
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon image/jpeg image/png image/jpg;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_cache_path /var/cache/nginx/fastcgi levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_path /var/cache/nginx/proxy levels=1:2 keys_zone=PROXY:10m max_size=10g inactive=60m use_temp_path=off;
proxy_cache_revalidate on;
proxy_buffering off;
proxy_request_buffering off;
}
NGINX/PHP
### SERVER ###
index index.php index.html index.htm index.nginx-debian.html;
#RULES FOR NOT CACHE
set $skip_cache 0;
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
#RULES AND REWRITES
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
access_log off;
}
location ~* /(?:uploads|files|wp-content|wp-includes|akismet)/.*.php$ { deny all;
access_log off;
log_not_found off;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
add_header Cache-Control "max-age=2592000";
}
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
add_header Cache-Control "max-age=0";
}
location ~* \.(?:rss|atom)$ {
add_header Cache-Control "max-age=3600";
}
location ~* \.svgz$ {
access_log off;
gzip off;
expires 360d;
add_header Cache-Control "max-age=2592000";
}
location ~* \.(?:css|js)$ {
access_log off;
log_not_found off;
expires 360d;
add_header Cache-Control "max-age=31536000";
}
location = /robots.txt {
access_log off;
log_not_found off;
}
location ~ /\.ht {
deny all;
access_log off;
log_not_found off;
}
location ~ /\.user.ini {
deny all;
access_log off;
log_not_found off;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $fastcgi_script_name = 404;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 30m;
fastcgi_cache_methods GET HEAD;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
proxy_cache PROXY;
# Hide PHP Version
fastcgi_hide_header X-Powered-By;
proxy_hide_header X-Powered-By;
add_header X-Fastcgi-Cache $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
include fastcgi.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
PHP CUSTOM CONFIGS:
memory_limit = 512M
max_input_time = 50000
max_execution_time = 50000
expose_php = Off
post_max_size = 20M
--- POOL ---
pm = static
pm.max_children = 220
pm.max_requests = 0
request_terminate_timeout = 20000
MARIADB CUSTOM CONFIGS:
innodb_buffer_pool_size = 18G
innodb_buffer_pool_instances = 18
innodb_log_file_size = 6G
innodb_log_buffer_size = 512M
innodb_write_io_threads = 8
innodb_read_io_threads = 8
max_allowed_packet = 512M
max_connections = 500
table_open_cache = 6000
table_open_cache_instances = 8
table_definition_cache = 2000
tmp_table_size = 64M
max_heap_table_size = 64M
thread_cache_size = 100
key_buffer_size = 128M
query_cache_type = 0
query_cache_size = 0
log_warnings = 2
About this lot of info and configs, some DIRECTLY tips to improve the TTFB and speed of my sites?
PS: If did you a specialist in this and wants to help me, I will consider "pay a coffee" comparing the after results.
WP has some sloppy indexing on wp_postmeta. This might explain slow queries, which might explain the high TTFB. Here are the details on the schema fix:
http://mysql.rjweb.org/doc.php/index_cookbook_mysql#speeding_up_wp_postmeta
Is the system swapping any? Is the dataset less than 18GB? Either question may lead to some other (unlikely) remedy.
I am running into an issue when trying to enforce SSL on Wordpress whether it be by changing the site URL to HTTPS or setting force-wpadmin or using the force ssl on shopping cart from WooCommerce. If you type in https:// it works fine but when it's forced from WordPress that page get stuck in an infinite loop.
The site is also behind a Full (Strict) CloudFlare w/ SSL enabled.
The server is running NGINX with PHP-FPM (PHP7) and the latest version of WordPress. I am using NGINX Caching along with OPCache. I have a feeling it may have to do with my nginx.conf file but i'm not sure. Please see below.
user username;
worker_processes 2 ;
pid /var/run/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
worker_rlimit_nofile 4096;
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 60;
types_hash_max_size 2018;
client_max_body_size 124m;
client_body_buffer_size 1m;
client_body_timeout 47;
client_header_timeout 47;
# server_tokens off;
server_names_hash_bucket_size 128;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
reset_timedout_connection on;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 2;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/css text/x-component application/x-javascript application/javascript text/javascript text/x-js text/richtext image/svg+xml text/plain text/xsd text/xsl text/xml image/bmp application/java application/msword application/vnd.ms-fontobject application/x-msdownload image/x-icon image/webp application/json application/vnd.ms-access application/vnd.ms-project application/x-font-otf application/vnd.ms-opentype application/vnd.oasis.opendocument.database application/vnd.oasis.opendocument.chart application/vnd.oasis.opendocument.formula application/vnd.oasis.opendocument.graphics application/vnd.oasis.opendocument.spreadsheet application/vnd.oasis.opendocument.text audio/ogg application/pdf application/vnd.ms-powerpoint application/x-shockwave-flash image/tiff application/x-font-ttf audio/wav application/vnd.ms-write application/font-woff application/font-woff2 application/vnd.ms-excel;
# Nginx Fast Cache Settings
fastcgi_cache_path /dev/shm/nginx-cache levels=1:2 keys_zone=WORDPRESS:1024m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# HTTP Server
server {
listen 80 default_server;
listen 443 ssl;
#listen [::]:80 default_server;
server_name www.siteurl.com;
ssl_certificate /efs/ssl/name.crt;
ssl_certificate_key /efs/ssl/name.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log warn;
root /efs/public_html1/;
include /efs/name/nginx.conf;
index index.php;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
#Set static file browser caching
location ~* \.(css|js)$ {
expires 30d;
log_not_found off;
access_log off;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 60d;
log_not_found off;
access_log off;
}
#Prevent access to hidden files
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
#Cache Settings
set $skip_cache 0;
# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
# Don't cache uris containing the following segments
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php-fpm-7.0.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 60m;
}
location ~ /purge(/.*) {
fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1";
}
add_header X-Cache-Status $upstream_cache_status;
}
}
My server has roughly this arborescence:
www
|-index.php
|foo
|-index.php
|-bar.php
I can access to /index.php, but accessing to /, /foo or anything else result in a 403. I've tried various config, but none of them is working.
My nginx.conf file:
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server {
listen 80;
server_name localhost;
root /var/www/html;
location / {
root /var/www/html;
#try_files $uri /index.php$is_args$args;
}
location ~ \.php$ {
fastcgi_pass web_fpm:9000;
fastcgi_index index.php
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
include fastcgi_params;
}
}
}
If I uncomment the commented line, any request serves /index.php, so it's no good.
I've found the solution: setting the index. Here is the snippet:
server {
listen 80;
server_name localhost;
root /var/www/html;
autoindex on;
location / {
index index.php index.html;
}
location ~ \.php$ {
fastcgi_pass web_fpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;
include fastcgi_params;
}
}
So I am setting up my first Linode (sort of new to managing everything myself). However, I have the following problem. The browser downloads the php file instead of executing it and MS Internet Explorer shows the file's content instead of downloading it.
I've read through a lot of content/answers about this problem but nothing seems works so I'd appreciate your help.
Important to note is that the website "crashes" only when I add the following line to the Virtual Host file
location ~* .(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ {
expires 365d;
}
Here are the two files in full
NGINX.CONF
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10s;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
# ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
and the sites-available/default file
server {
listen 80 default_server;
listen [::]:80 default_server;
root /www/bloggingwithdani.com;
index index.html index.php index.htm;
server_name localhost;
# pagespeed On;
# pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
# pagespeed EnableFilters combine_css,combine_javascript;
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js|)$ {
expires 365d;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
your php location block looks wrong to me. here's my location block for php
location ~ \.(php)$ {
try_files $uri = 404;
location ~ \..*/.*\.php$ {return 404;}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_pass 127.0.0.1:9000; #passing directly to the socket
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
also, your static file caching is wrong, and has an erroneous wild card parameter. remove the last | and optionally add some extra configuration options to further optimize delivery of static content.
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js)$ {
expires max;
add_header Vary Accept-Encoding;
access_log off;
}