I try connected nginx and symfony 2. But my configure file not work for this framework.
server {
listen 80;
server_name test.com www.test.com;
access_log /var/log/nginx/test.access.log;
error_log /var/log/nginx/test.error.log;
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|docx|xlsx)$ {
root /home/test/var/www/test.com/public_html/web;
index index.html index.php;
access_log off;
expires 30d;
}
location ~ /\.ht {
deny all;
}
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-for $remote_addr;
proxy_set_header Host $host;
proxy_connect_timeout 60;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_redirect off;
proxy_set_header Connection close;
proxy_pass_header Content-Type;
proxy_pass_header Content-Disposition;
proxy_pass_header Content-Length;
}
}
For any static file which contain in directory
/home/test/var/www/test.com/public_html/web/css or
/home/test/var/www/test.com/public_html/web/js
return error 403
I try get static file use the url like this test.com/css/style.css
I resolve this problem. I forgot add user www-data ( the nginx process ) to group test ( the test is owner all files in your home dir ).
Related
Hello I am trying to serve a php web application using Nginx PHP-FPM using a tcp socket on a remote host and a lighttd to serve static content on a remote server.
I succeed to link those three blocks but I have an issue to manage the interactions.
Here my Nginx proxy configuration
upstream xxxx-staging {
server xxxxx.com:81 fail_timeout=0;
}
server {
listen 80;
server_name xxxxxxx.com;
return 301 https://xxxxx.com$request_uri;
}
server {
listen 443 ssl;
server_name xxxxxx.com;
root /xxxxxx/public;
ssl_certificate /etc/nginx/ssl/xxx.com.pem;
ssl_certificate_key /etc/nginx/ssl/xxx.com.key;
access_log /var/log/nginx/xxx.access.log;
error_log /var/log/nginx/xxx.error.log error;
client_max_body_size 256m;
proxy_intercept_errors on;
error_page 404 = /index.php;
error_page 405 = 200$uri;
location = / {index index.php;}
location / {
proxy_pass http://xxxxx-staging;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
auth_basic "Please authenticate";
auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;
}
location ~ ^/index\.php$(/|$) {
fastcgi_pass xxxxx.com:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
}
When I removed error_page 405 = 200$uri; symfony is returning me a method post not allowed and when I put it nginx is returning me a 405.
I clearly missunderstand how the communication are established but don't know where I am wrong.
You are using auth_basic and auth_basic_user_file in the location / block. Am I right that you don't get a prompt to enter a password when you navigate to the side and get instead directly the 405 error?
I interpret the error to mean that an authentication is expected but doesn't happen. I would suggest to move auth_basic and auth_basic_user_file up one level in the server block. That way everything is covered and not only the one location block and you should get the password prompt.
upstream xxxx-staging {
server xxxxx.com:81 fail_timeout=0;
}
server {
listen 80;
server_name xxxxxxx.com;
return 301 https://xxxxx.com$request_uri;
}
server {
listen 443 ssl;
server_name xxxxxx.com;
root /xxxxxx/public;
auth_basic "Please authenticate";
auth_basic_user_file /etc/nginx/passwords/xxxxxxx.com.passwdfile;
ssl_certificate /etc/nginx/ssl/xxx.com.pem;
ssl_certificate_key /etc/nginx/ssl/xxx.com.key;
access_log /var/log/nginx/xxx.access.log;
error_log /var/log/nginx/xxx.error.log error;
client_max_body_size 256m;
proxy_intercept_errors on;
error_page 404 = /index.php;
error_page 405 = 200$uri;
location = / {index index.php;}
location / {
proxy_pass http://xxxxx-staging;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ~ ^/index\.php$(/|$) {
fastcgi_pass xxxxx.com:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
}
I hope that helps you.
We receive error about "redirected you too many times." after changing the Wordpress from HTTP to HTTPS.
The WP is on AWS with Nginx and we have tried changing both define(home) and define(siteurl) in both database and wp-config file but no help.
Below is the current nginx config file, we also tried following some posts on Google to change HTTP to HTTPS, listening port to 443 but still no luck.
Thanks in advance.
server {
listen 443;
server_name wp.mywebsite.com;
server_name www.mywp.mywebsite.com;
include /etc/nginx/common_server_settings;
location /wp-content/ { root /var/www/mywp.mywebsite.com; }
location /wp-includes/ { root /var/www/mywp.mywebsite.com; }
set $no_cache 0;
# POST requests should always go to PHP
if ($request_method = POST) { set $no_cache 1; }
# Don't cache uris containing the following segments
if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php|wp-.*.php|/feed/|index.php|wp-comments-popup.php|wp-links-opml.php|wp-locations.php|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_logged_in") { set $no_cache 1; }
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
#proxy_set_header Host "mywp.mywebsite.com";
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto http;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Powered-By;
proxy_pass http://127.0.0.1:1080;
proxy_cache_bypass $no_cache;
proxy_no_cache $no_cache;
proxy_cache_lock on;
proxy_cache BLOG;
proxy_cache_valid 5m;
add_header X-Raw $no_cache;
}
}
proxy_set_header X-Forwarded-Proto http;
The headers are causing this redirect loop since the wordpress still thinks that it is being accessed using "http" scheme (because your reverse proxy server is not sending the correct scheme in the header.
It may be also possible that you need to make a change in wordpress config file so that it correctly detects the HTTPS. As described here:
Websites behind load balancers or reverse proxies that support HTTP_X_FORWARDED_PROTO can be fixed by adding the following code to the wp-config.php file, above the require_once call:
if (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
$_SERVER['HTTPS'] = 'on';
I use this type of config for proxying to https:
server {
listen 443 ssl;
server_name wp.mywebsite.com;
server_tokens off;
ssl on;
ssl_certificate /etc/nginx/ssl/cert.crt;
ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols SSLv3 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
set $ssl off;
etag on;
if ($scheme = https) {
set $ssl on;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Ssl $ssl;
proxy_pass http://127.0.0.1:1080;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:1080 wp.mywebsite.com;
}
}
Also don't forget to force https:
server {
server_tokens off;
listen 80;
server_name wp.mywebsite.com;
return 301 https://wp.mywebsite.com$request_uri;
}
I just switched my PHP to run from Apache to FastCGI (via Plesk). Now every file I try to access on my domain that's not a php file (like css, images, html ...) gives a 404.
Any idea of what it could be?
vhost specific config file (/etc/nginx/plesk.conf.d/vhosts/mysite.com.conf):
#ATTENTION!
#
#DO NOT MODIFY THIS FILE BECAUSE IT WAS GENERATED AUTOMATICALLY,
#SO ALL YOUR CHANGES WILL BE LOST THE NEXT TIME THE FILE IS GENERATED.
server {
listen 99.99.99.99:443 ssl;
server_name mysite.com;
server_name www.mysite.com;
server_name ipv4.mysite.com;
ssl_certificate /usr/local/psa/var/certificates/certEbk3rnT;
ssl_certificate_key /usr/local/psa/var/certificates/certEbk3rnT;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
client_max_body_size 128m;
root "/var/www/vhosts/mysite.com/httpdocs";
access_log "/var/www/vhosts/system/mysite.com/logs/proxy_access_ssl_log";
error_log "/var/www/vhosts/system/mysite.com/logs/proxy_error_log";
location / {
proxy_pass https://99.99.99.99:7081;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/mysite.com/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}
}
server {
listen 50.23.99.2:80;
server_name mysite.com;
server_name www.mysite.com;
server_name ipv4.mysite.com;
client_max_body_size 128m;
root "/var/www/vhosts/mysite.com/httpdocs";
access_log "/var/www/vhosts/system/mysite.com/logs/proxy_access_log";
error_log "/var/www/vhosts/system/mysite.com/logs/proxy_error_log";
location / {
proxy_pass http://99.99.99.99:7080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
}
location /internal-nginx-static-location/ {
alias /var/www/vhosts/mysite.com/httpdocs/;
add_header X-Powered-By PleskLin;
internal;
}
}
Requests of *.php files working because nginx transparent proxing it to apache, which catched by proper apache's vhost.
Statics files get 404 because:
proper nginx's vhost can't be found by nginx and request cathced by default vhost
or
there some another nginx vhost which catch all requests(wildcard subdomain *.mysite.com for example).
No any useful advices here, just revise all your nginx configs.
I have vps using nginx on that web server I got 2 conf (host1.com,host2.com) files on /etc/nginx/conf.d but 2 domain access to the same site. those site are on different technologies 1 PHP (Apache running on 88 ) and 1 python (gunicorn running on 5000) both site can be access from outside correctly using those ports.
site 1 conf
server{
listen 80;
root /var/www/host1.com/public;
index index.php index.html index.htm;
server_name host1.com;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:88;
}
location ~ /\.ht {
deny all;
}
}
host2 conf
server {
listen 80;
server_name host2.com;
access_log /var/log/nginx/fundacion.log;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Thanks in advance.
Restart nginx.
Clear your browser cache.
I am trying to create a nginx conf file that has little repetition in it. I am using nginx to serve static files, and it proxies 404s or php content to the named location #varnish:
location #varnish {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass_header Set-Cookie;
proxy_pass http://localhost:6081;
proxy_set_header Request-URI $request_uri;
}
For the "standard" situation whereby nginx should check to see if it has a file and then pass through to the backend, the following works fine:
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
expires max;
open_file_cache_valid 120m;
try_files $uri #varnish;
}
However, for PHP, I don't even want it to try the file, it should just immediately redirect the request to #varnish:
location ~ \.php$ {
rewrite . #varnish last;
}
However, this does not appear to work. It seems a pain to have two separate near identical blocks (one for #backend and one for php) both referencing the same proxy, and is the sort of issue where humans can forget to put something in one and not the other.
If you put the proxy settings into the server context and let the locations inherit them, then it's not much to duplicate. You can also set up an upstream block to make it easier to change the proxy target should you need to:
upstream _varnish {
server localhost:6081;
}
server {
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Request-URI $request_uri;
proxy_pass_header Set-Cookie;
location #varnish {
proxy_pass http://_varnish;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
access_log off;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
expires max;
open_file_cache_valid 120m;
try_files $uri #varnish;
}
location ~ \.php$ {
proxy_pass http://_varnish;
}
}