Some PHP URLs are being downloaded instead of executed by Nginx. I have an existing web application which is functioning fine. I'm tasked with adding additional mounted applications within folders of the primary application. Each of these applications has its own front controller index.php script.
For this setup, I've created symlinks inside $document_root/app, and the symlinks point to a folder containing an index.php front controller.
When I navigate to most URLs, everything works fine, the primary application front controller is executed, and I get expected results. When I navigate to a non-existent app, I get 404 Not Found from nginx, which is expected. But when I navigate to one of the applications, the browser downloads the application front controller.
root /my/web/root;
location / {
try_files $uri
/$server_name$uri
/shared$uri
/index.php$is_args$args;
}
location ~ [^/]\.php(/|$) {
disable_symlinks off;
fastcgi_split_path_info ^(.+\.php\b)(.*)$;
fastcgi_param SERVER_NAME $host;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_pass php-fpm;
}
location ~ ^/app/([a-z-]+)(/.*)?$ {
try_files $uri
/app/$1/index.php$is_args$args
=404;
}
URL which triggers download: /app/my-app/ (exists)
URL which 404s: /app/foo/ (does not exist)
URL which executes: /foo
The .php file needs to be processed by the location ~ [^/]\.php(/|$) block. You have a common document root which makes things simpler.
However, look at this document regarding the location directive.
You will see that the regex locations are considered in order and the first matching location will be used to process the request.
In short, you need to place the location ~ [^/]\.php(/|$) block before any other conflicting regex location, if you want your .php files to be processed correctly.
Related
Consider the following non-working nginx.conf fragment:
server {
...
root /var/www/html/example.com/www;
location /dev/ {
root /var/www/html/example.com;
location ~* \.(pdf|js|css|png|jpg|jpeg|gif|ico)$ {
}
fastcgi_split_path_info ^/dev/(.+)()$;
fastcgi_intercept_errors on;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/html/example.com/xsltproc.php;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_pass php-fpm;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(x)$;
fastcgi_intercept_errors on;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass php-fpm;
}
}
location / {
index index.html;
location ~ \.php$ {
...
The objective is to use XSLT to transform .xml into .php and instantaneously serve the generated .php file from the protected /dev/ location all in one step for a fast and easy edit / view cycle.
The xsltproc.php script looks up the resource by $fastcgi_script_name and checks to see if the corresponding .xml or .xsl files are newer than the .php file and, if yes, regenerates it using XSLTProcessor::transformToXML().
When development is complete, the .php files are copied to the www location where they are served in the typical non-xslt manner.
However, the above does not work because, even though location /dev/ matches, location ~ \.php$ is ultimately favored and used such that the .php file is not regenerated. If I temporarily remove the location ~ \.php$ section, the .php file is generated correctly. When the section is restored, the .php file is processed correctly.
How do I configure nginx to invoke xsltproc.php AND process the .php file with php-fpm in the same request?
Meaning I effectively want to invoke php-fpm twice in one request: once for xstlproc.php and once on the generated .php file.
Can an internal redirect be used even though the name of the resource is exactly the same (e.g. /dev/test.php)?
UPDATE:
I have not found a way to invoke php-fpm twice. Adding a rewrite immediately after the xsltproc.php fastcgi_pass call results in a jump for the rewrite without executing the script. No surprise there.
However, I did settle on a solution which was to add:
require($phpfile)
to the end of xsltproc.php to simply include the php file regardless of weather or not it was re-generated and then remove location ~ \.php$. The more I think about it, this is a satisfactory solution. It's only for dev anyway.
I have created some Laravel routes with they have ".php" extention, such as
Route::get('/api/send.php', function(){
echo 'Hi There';
});
But when I open the route it shows 404 error in Nginx server... That is Nginx configurations
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/laravel/public;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
server_name xxx.xxx.xxx.xxx;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
What is the problem? I have used the same code it worked before..
Thanks
SOLVED
It solved by changing
try_files $fastcgi_script_name =404;
in /etc/nginx/snippets/fastcgi-php.conf to
try_files $fastcgi_script_name /index.php?$query_string;
This is a very common problem with nginx configured to serve PHP applications, especially Laravel. You can reproduce it on sites like laravel.com, e.g: laravel.com/example.php.
The default configuration (what you're probably using in snippets/fastcgi-php.conf) is this:
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
And fastcgi_script_name is...
request URI or, if a URI ends with a slash, request URI with an index file name configured by the fastcgi_index directive appended to it. This variable can be used to set the SCRIPT_FILENAME and PATH_TRANSLATED parameters that determine the script name in PHP. For example, for the “/info/” request with the following directives
That means, when a request URI contains .php it is treated as if it is a request for a PHP file, and if that PHP file doesn't exist an error is returned by nginx -- it never reaches your application.
The solution is to force fastcgi_script_name to always equal your application's entry point, in this case that's index.php. You can either edit snippets/fastcgi-php.conf or add it into your location block like this:
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
}
Your application will now receive every request, including those that have .php in the path.
Just want to let everyone know before I posted this question I checked
every single thread on stackoverflow about this issue.
The aim:
Run two apps under one domain, first app on the root (/) and second app under the URI (/learn).
http://example.com/ - first app
http://example.com/learn - second app
The problem:
The main app works perfectly, but the learn app is showing a white page with "No input file specified.".
My file structure:
/srv/users/serverpilot/apps/main/public/index.php
/srv/users/serverpilot/apps/learn/public/index.php
My NGINX configuration:
root "/srv/users/serverpilot/apps/main/public";
location ^~ /learn {
root "/srv/users/serverpilot/apps";
try_files $uri /learn/public/index.php?$query_string;
location ~ \.php$ {
add_header X-debug-message $document_root$fastcgi_script_name always;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/srv/users/serverpilot/run/learn.php-fpm.sock;
}
}
location / {
try_files $uri $uri/ /index.php?$args;
location ~ \.php$ {
include fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/srv/users/serverpilot/run/main.php-fpm.sock;
try_files $uri =404;
}
}
In addition:
I know the fastcgi_pass sockets are working because I've been
running these two apps under different domains but in the same
server in question.
I added the add_header X-debug-message $document_root$fastcgi_script_name" always; to see what the response header would show, and it shows that the
SCRIPT_FILENAME is
/srv/users/serverpilot/apps/learn/public/index.php which exists and is the exact file I am trying to run.
Oh lordy! What a wild hunt!
Okay the reason this configuration wasn't working is because aside from fastcgi_params you can also set php_value[doc_root] which will overwrite your $document_root which is commonly used in the SCRIPT_FILENAME parameter. So check your php.ini files always to make sure php_value[doc_root] is not set when you have apps that are being served from different directories otherwise it just wont pick them up. In the case that you are just serving a single app from a single directory you need not worry.
I have a project running under php, but I have a third party subfolder(download folder) that I want to add into the current project.
Meaning, root folder = testlaravel =>www.testlaravel.com
with sub folder = testlaravel/download => www.testlaravel.com/download
Is there anyway I can do this?
Are you using Apache or Nginx ? If Apache, you need to config your vhost file to serve Laravel from a sub-folder. Particularly, you need to configure that when testlaravel.com/download URI is requested, it should be served using /home/testlaravel/download/public directory (basically different root/home location).
You also need to use mod_rewrite to rewrite your URL requests to the sub-folder be served from index.php from above location (and also prettify URLs).
Similarly, your configuration in vhost for your main website will be different (so there will be 2 configurations, one for your main website and one for laravel requests)
The above should work just fine since its done same way in Nginx, for which I have included a full example of how its conf file should look
Here is how I setup-ed my location block which is working for me perfectly:
location ^~ /facebookschedule {
alias /home/netcans/facebookschedule/public;
try_files $uri $uri/ #foobar;
location ~ \.php {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/wwww/facebookschedule/public/index.php;
}
}
location #foobar {
rewrite /facebookschedule/(.*)$ /facebookschedule/index.php?/$1 last;
}
Source: http://shubhank.gaur.io/setup-laravel-5-in-subfolder-with-nginx/
I am using the following configuration, which is simpler than most other published solutions, and which does not require any paths/folders to be hard-coded.
We simply prefix all requests with public/ and then remove it from SCRIPT_NAME so that the application can autodetect its environment correctly.
location ~ /myproject/(.*) {
rewrite /myproject(.*) /myproject/public/$1 break;
try_files $uri /myproject/public/index.php$is_args$args;
location ~ /index\.php$ {
include /etc/nginx/fastcgi.conf;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_NAME /myproject/index.php;
}
}
I am using Symfony2 (PHP) framework for my project and is having a small problem with regards to configuring my NGINX to catch request going to a 3rd party library I placed under "web" directory.
This is my configuration
server {
listen 80;
server_name test.com;
root /var/www/my-symfony-project/web;
rewrite ^/app\.php/?(.*)$ /$1 permanent;
location / {
index app.php;
try_files $uri #rewriteapp;
}
location #rewriteapp {
rewrite ^(.*)$ /app.php/$1 last;
}
location ~ ^/(app|app_dev|config)\.php(/|$) {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}
As you may have noticed that the root is pointed in "/var/www/my-symfony-project/web" directory.
Now, the problem is that I have this "some-plugin" folder inside the "web" directory and there are PHP files from there that are not handled by the Symfony2 routing.
I actually made it work when I have the following "location" block inside the "server" block illustrated above.
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
}
It seems okay having this type of configuration at first but we realized that it accepts request to any "*.php" file to which we evaluated as a security breach.
Any suggestions?
Allowing access to .php files is usually not considered dangerous or a security breach, as long as the PHP files are executed and not served in their source form and, of course, don't print any sensitive information.
If either of the former are not the case, you should probably change your setup or your code.
Anyway, you should be able to restrict the .php file handling to /var/www/my-symfony-project/web/some-plugin by using the following as location:
location ~ ^/var/www/my-symfony-project/web/some-plugin/.*\.php$ {
# your rules here
}
This should match all files whose path starts with /var/www/my-symfony-project/web/some-plugin/ and end with .php in upper or lower case.