i have a nginx server running and want to remove the .php extension from my files. I have allready tried a few things but the only thing i managed to accopmplish was breaking the fastcgi proccessing leading into downloading php files. The server is running fine with the following configuration:
##
# Virtual Host configuration for example.com
##
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GC$
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/dhparams.pem;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /usr/share/nginx/html/example/;
index index.php;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ =404;
}
location /uploads {
deny all;
}
error_page 404 /templates/404.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location ~* \.(?:ttf|ttc|otf|eot|woff|font.css|jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\. {
deny all;
}
}
Thank you for your effort and time.
##
# Virtual Host configuration for example.com
##
server {
listen 80;
listen [::]:80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GC$
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/letsencrypt/dhparams.pem;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
root /usr/share/nginx/html/example/;
index index.php;
server_name example.com www.example.com;
location / {
try_files $uri $uri/ #extensionless-php; // add #extensionless-php
}
location /uploads {
deny all;
}
error_page 404 /templates/404.php;
location ~ \.php$ {
try_files $uri =404; // add this
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_intercept_errors on;
}
location #extensionless-php { // add this block
rewrite ^(.*)$ $1.php last;
}
location ~* \.(?:ttf|ttc|otf|eot|woff|font.css|jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\. {
deny all;
}
}
from this site http://www.tweaktalk.net/60/nginx-remove-php-file-extension-from-url
Related
We have a website where we are using a Laravel for the part available to the end-user, and an older legacy codebase for the admin panel.
Currently root is the public folder for the currently deployed version.
The website folder structure looks something like this:
admin/
|____index.php <-- desired entrypoint for admin-related requests
app/
public/
|____index.php <-- main entrypoint for website
resources/
routes/
So, when someone wants to access the admin panel they go to example.com/admin
Here's the current nginx configs file we are using.
example.com
server {
server_name example.com;
root /var/www/example.com/current/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /admin {
proxy_pass http://localhost:3000;
}
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
example.com/admin
server {
listen 3000;
server_name example.com;
root /var/www/example.com/current/admin;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
I'm not very well versed in nginx server configuration and would love som assistance on this.
EDIT 1
Config file using map:
EDIT 2
Updated the config below with the changes made to make it work.
map $uri $siteroot {
# This didn't work, per the accepted answer.
# ^/admin /var/www/example.com/current/admin;
# This works great!
^/admin /var/www/example.com/current;
default /var/www/example.com/current/public;
}
server {
server_name example.com;
root $siteroot;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name example.com;
return 404; # managed by Certbot
}
If you try changing root directory, Nginx will shows not found error.
Because, Nginx tries find file with request path even you changed root.
For example, If you change root directory for /admin path to /app/admin, Nginx will find file in /app/admin/admin. That's why you can't reach file.
Try insert rewrite /admin(.*) $1 break; line at /admin location block and set root path, or use alias expression.
I would use map directive for this, something like
map $uri $siteroot {
~^/admin /var/www/example.com/current/admin;
default /var/www/example.com/current/public;
}
server {
server_name example.com;
root $siteroot;
...
}
I have two laravel apps like this:
- apps
- dashboard
- website
I'm trying to serve them on linux machine, I can't seem to get them to work together.
I want to have two urls like this:
https://test.example.co
https://test.example.co/dashboard
server {
server_name test.example.co;
index index.php index.html index.htm index.nginx-debian.html;
location = / {
root /var/www/example/apps/website;
try_files $uri $uri/ /public/index.php;
}
location ~ ^/dashboard {
root /var/www/example/apps;
try_files $uri $uri/ /dashboard/public/index.php;
#try_files $uri $uri/ /index.html;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/test.example.co/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/test.example.co/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# pass the PHP scripts to FastCGI server listening on /var/run/php7.4-fpm.sock
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
if ($host = test.example.co) {
return 301 https://$host$request_uri;
} # managed by Certbot
}
can you tell me what is the result if you write your code like this:
location ~ ^/dashboard {
root /var/www/example/apps/dashboard/public;
try_files $uri $uri/ /index.php;
}
location = ~ ^/ {
root /var/www/example/apps/website/public;
try_files $uri $uri/ /index.php;
}
I just swap it. so it will search for the dashboard and if the user is not in dashboard, it will check the root.
I succeeded serving them using another subdomain, the "/dashboard" idea didn't work.
I hope someone can suggest the correct way to do it, I would change the accepted answer.
I have now example.com and admin.example.com.
Nginx config as below:
server {
server_name example.com;
index index.php index.html index.htm index.nginx-debian.html;
root /var/www/example/apps/website/public;
access_log /var/log/nginx/example_access.log;
error_log /var/log/nginx/example_error.log;
try_files $uri $uri/ /index.php$is_args$args;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# pass the PHP scripts to FastCGI server listening on /var/run/php7.4-fpm.sock
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server {
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com;
return 404; # managed by Certbot
}
And the second one is:
server {
server_name admin.example.com;
index index.php index.html index.htm index.nginx-debian.html;
root /var/www/example/apps/dashboard/public;
try_files $uri $uri/ /index.php$is_args$args;
access_log /var/log/nginx/example_access.log;
error_log /var/log/nginx/example_error.log;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
# pass the PHP scripts to FastCGI server listening on /var/run/php7.4-fpm.sock
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/admin.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/admin.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = admin.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
return 404; # managed by Certbot
}
compose up successfully and visit to the browser myapp.local, it will not load and it will go to google search. but if I type http://myapp.local it will load correctly. I think my Nginx is not doing good for redirecting. I already have in my etc/host
127.0.0.1 myapp.local
Here is my nginx
server {
listen 80;
listen [::]:80;
# For https
# listen 443 ssl;
# listen [::]:443 ssl ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name myapp.local;
root /var/www/myapp/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
resolver 127.0.0.11;
set $upstream php:9000;
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass $upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
error_log /var/log/nginx/laravel_error.log;
access_log /var/log/nginx/laravel_access.log;
}
Thank you in advance
I want to make certain php files accessible via http only.
So I added location = /example.php{} as shown in the code below.
server {
listen 80;
ssl off;
server_name example.com www.example.com;
root /var/www/example;
location ~* \.(php)$ {
# dostufdd
}
location = /example.php {
#do stuff
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2;
server {
listen 443 ssl http2;
server_name example.com www.example.com;
root /var/www/example;
index index.php;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem;
ssl_dhparam /etc/letsencrypt/live/example.com/example.com.dhparam;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4;
# Set caches, protocols, and accepted ciphers. This config will
# merit an A+ SSL Labs score.
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kED$
error_log /var/log/nginx/example.error.log warn;
location / {
try_files $uri $uri/ /index.php?$args;
}
# Allow Lets Encrypt Domain Validation Program
location ^~ /.well-known/acme-challenge/ {
allow all;
}
# Block dot file (.htaccess .htpasswd .svn .git .env and so on.)
location ~ /\. {
deny all;
}
# Block (log file, binary, certificate, shell script, sql dump file) access.
location ~* \.(log|binary|pem|enc|crt|conf|cnf|sql|sh|key)$ {
deny all;
}
location = /robots.txt {
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~* \.(css|js|ico|gif|jpe?g|png|svg|eot|otf|woff|woff2|ttf|ogg)$ {
expires max;
}
location ~ /.well-known {
allow all;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_read_timeout 180;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
However, if I try to access to http://example.com/example.php, the php file is
downloaded instead of executing.
but If i access https://example.com/example.php, it will be accessed normally.
I have no idea what to do.
Please help me.
Thank you.
I have cakephp set up with nginx, and before I had nginx set up and url rewriting was working perfectly, such that urls of form: mywebsite.com/cake_project/controller/action worked perfectly. Then I changed the name of the folder cake_project to web, and updated the nginx config file and now when I go to mywebsite.com/web the cakephp works, but If I go to mywebsite.com/web/controller or mywebsite.com/web/controller/action it gives 404.
(My Operating system is Ubuntu, and my CakePHP version is 2.3.9)
Here is what my current nginx config is, sorry I didn't backup my old nginx config :( (that probably would have helped me).
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
alias /usr/share/nginx/html/web/app/webroot;
try_files $uri $uri/ /web/webroot/index.php;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# index index.html index.htm;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
Can Anyone see, what I am doing wrong?
I have similar Nginx configs to this on everything from Nginx 1.4 - 1.8 seems to work well with CakePHP overall especially for the rewriting. Do you have things that are using the IPv6? I would think that stuff could go, if you are sure nothing is using IPv6.
Here is a working example I have working with several CakePHP 2.x project:
server {
listen 80 default_server;
server_name www.example.com;
rewrite ^(.*) https://www.example.com$1 permanent;
}
server {
listen 443 ssl;
access_log /var/log/nginx/www.example.com.access.log;
error_log /var/log/nginx/www.example.com.error.log;
root /var/www/production/app/webroot;
index index.php;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl.crt/www.example.com.intermediate.combined.crt;
ssl_certificate_key /etc/nginx/ssl.key/www.example.com.key;
# For Larger File Uploads
client_max_body_size 28M;
# This is for CakePHP
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
proxy_buffers 4 256k;
proxy_buffer_size 128k;
proxy_busy_buffers_size 256k;
# Cache Headers for Static Files
location ~* \.(?:ico|css|js|gif|jpe?g|png|swf)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Pass the PHP scripts to FastCGI server
# listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_pass_header Set-Cookie;
fastcgi_ignore_headers Cache-Control Expires;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffers 4 256k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
include fastcgi_params;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
# Deny access to .htaccess files,
# git & svn repositories, etc
location ~ /\.(ht|git|svn) {
deny all;
}
}
Here is another option that might work for you:
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
rewrite ^/web$ /web/ permanent;
rewrite ^/web/(.+)$ /$1 break;
root /usr/share/nginx/html/web/app/webroot;
try_files $uri /$uri/ #cakephp;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# Other PHP Files - Non-CakePHP
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# For CakePHP
location #cakephp {
set $q $request_uri;
if ($request_uri ~ "^/web(.+)$") {
set $q $1;
}
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/web/app/webroot/index.php;
fastcgi_param QUERY_STRING url=$q;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
include fastcgi_params;
}
}