I have the following configuration to listen on port 80, but redirect to https. Then, to route everything through the index.php file, however, when I go to a page it just downloads the index.php file or shows 403 forbidden on the homepage.
Any ideas?
server {
listen 80;
server_name www.mydomain.com mydomain.com;
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443;
server_name www.mydomain.com;
root /var/www/mydomain/public;
ssl on;
ssl_certificate mydomain.crt;
ssl_certificate_key mydomain.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
location / {
if (!-e $request_filename){
rewrite \.(jpeg|jpg|gif|png)$ /public/404.php break;
}
if (!-e $request_filename){
rewrite ^(.*)$ /index.php break;
}
}
location ~ \.php {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index /index.php;
include /etc/nginx/fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~* ^/(css|img|js|flv|swf|download)/(.+)$ {
root /var/www/mydomain/public;
}
location ~ /\.ht {
deny all;
}
}
The rewrite/break causes the rewritten URI to be processed in the same location (location /) rather than the location ~ \.php. See rewrite documentation.
The location / block looks rather strange with two identical if blocks.
You might consider splitting it into two blocks:
location / {
try_files $uri /index.php;
}
location ~ \.(jpeg|jpg|gif|png)$ {
try_files $uri /public/404.php;
}
If /public/404.php is your default handler for all 404 errors, you could use an error_page directive instead:
error_page 404 /public/404.php;
location / {
try_files $uri /index.php;
}
location ~ \.(jpeg|jpg|gif|png)$ {
try_files $uri =404;
}
See the location, try_files and error_page documentation for more.
Related
/etc/nginx/conf.d/default.conf
server{
listen 80;
listen [::]:80;
server_name 192.168.56.101 192.168.101.100 localhost;
root /var/www/html;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
my codeigniter folder is 'ci' which is located in /var/www/html/ci
what configuration do I need to work url rewriting?...
I didn't want to change the current document root (/var/www/html)
since my 'ci' folder is located at /var/www/html/ci.
So instead, I created a new location block in /etc/nginx/conf.d/default.conf:
server{
...
location /ci {
try_files $uri $uri/ /ci/index.php?/$request_uri;
}
...
}
Thanks to Mert Öksüz for suggesting to use try_files $uri $uri/ /ci/index.php?/$request_uri;.
This one also work:
location /ci {
try_files $uri $uri/ /ci/index.php?$query_string;
}
Change your root to root /var/www/html/ci
Change your try_files to try_files $uri $uri/ /index.php?/$request_uri;
Be sure your fpm path (unix:/var/run/php-fpm/php-fpm.sock;) is correct.
I faced same problem and modified a little bit nginx conf from this site https://gist.github.com/yidas/30a611449992b0fac173267951e5f17f
server {
listen 80;
# For https
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server ipv6only=on;
# ssl_certificate /etc/nginx/ssl/default.crt;
# ssl_certificate_key /etc/nginx/ssl/default.key;
server_name sc.hr;
root /var/www/sc/hr/;
index index.php index.html index.htm;
# set expiration of assets to MAX for caching
#location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
# expires max;
# log_not_found off;
#}
location / {
# Check if a file or directory index file exists, else route it to index.php.
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
# Deny for accessing .htaccess files for Nginx
location ~ /\.ht {
deny all;
}
# Deny for accessing codes
location ~ ^/(application|system|tests)/ {
return 403;
}
}
This conf worked on my laradock nginx container.
This worked for me
location ~* \.php$ {
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
include fastcgi.conf;
}
In case someone looking for CI 4 nginx on ubuntu 18.04 configuration :
root /var/www/ci/public;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# this is not working for the first get argument :
# try_files $uri $uri/ /index.php?/$request_uri;
# use this :
try_files $uri $uri/ /index.php$is_args$args;
}
I have php website (symfony framework running in dev env) under example.com and wordpress blog under example.com/blog/ .
Now I'm trying make make wordpress working under this set up.
As of right now I have only static files served by nginx.
I can't make php files executed.
Symfony app root dir: /data/example.com
Wordpress root dir: /data/example.com-blog/web
My nginx config
server {
listen 80;
server_name example.com;
charset utf-8;
access_log /var/log/nginx/example.com_access.log main;
error_log /var/log/nginx/example.com_error.log;
root /data/example.com/web/;
index app_dev.php;
error_page 400 401 404 500 = /index.php;
location ~ /\. {
deny all;
}
location ^~ /blog {
log_not_found on;
access_log on;
root /data/example.com-blog/web;
rewrite ^/blog/([^.]+\.[^.]+)$ /$1 break;
try_files $uri $uri/ /blog/index.php$is_args$args;
location ~ \.php {
return 401; # for
}
}
location / {
try_files $uri /app_dev.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_intercept_errors off;
fastcgi_pass unix:/tmp/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param HTTPS off;
include fastcgi_params;
}
location ~* \.(jpg|jpeg|gif|png|ico|js|css|htm|html|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|swf|flv|htc|xsl|eot|woff|ttf|svg)$ {
expires 1w;
tcp_nodelay off;
}
}
I tried to use RichardSmith's example and now I'm getting 403 error
location ^~ /blog {
alias /data/example.com-blog/web;
if (!-e $request_filename) { rewrite ^ /blog/index.php last; }
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/tmp/php-fpm.socket;
}
}
I've installed Nginx, PHP-FPM,SSL certificate (Let's Encrypt), and WordPress 4.6.1 on my server and working well.
But, when I change the permalink settings to anything other than default,I get 404 errors on every post,article and page.
In my nginx config file I have the following code under my location / block :
try_files $uri $uri/ /index.php?$args;
Here is my nginx.conf:
server {
listen xxx.xxx.xxx.xxx:80;
server_name raharja.com www.raharja.com;
root /home/admin/web/raharja.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/raharja.com.log combined;
access_log /var/log/nginx/domains/raharja.com.bytes bytes;
error_log /var/log/nginx/domains/raharja.com.error.log error;
location / {
# WordPress permalinks configuration
try_files $uri $uri/ /index.php?$args;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/raharja.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.raharja.com.conf*;
try_files $uri $uri/ /index.php?$args;
}
Does anyone have a solution?
I suggesting you try this:
if (!-e $request_filename)
{
rewrite ^(.+)$ /index.php?q=$1 last;
}
I'm on a NGINX web server and I would like to remove the .php extension from url.
I currently have the following conf :
server {
server_name www.mywebsite.com mywebsite.com;
return 301 https://mywebsite.com$request_uri;
}
server {
listen 443 ssl;
server_name www.mywebsite.com;
return 301 https://mywebsite.com$request_uri;
ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
}
server {
listen 443 ssl;
root /opt/http/nginx/sites/mywebsite/www;
index index.php index.html;
server_name mywebsite.com;
location / {
#rewrite ^(/.*)\.html(\?.*)?$ $1$2 permanent;
try_files $uri $uri/ $uri.php?$args;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
location ~* \.(pdf)$ {
expires 30d;
}
client_max_body_size 3M;
ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
error_page 403 /index.php;
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
access_log /var/log/nginx/www.mywebsite.access.log;
error_log /var/log/nginx/www.mywebsite.error.log;
}
If tried to follow some similar case instructions but nothing seems to work with my conf.
The problem is that this piece of code
location / {
try_files $uri $uri/ $uri.php?$args;
}
is working well in two cases :
The client asks for https://mywebsite.com/page.php : OK
The client asks for https://mywebsite.com/page : OK
without rewriting the url !
What I need is to tell NGINX to rewrite the url if the client tries to access a page with the file extension. For example, if I ask for login.php, nginx rewrites 'login', and so on.
It also has to keep the GET params in the url if it has.
So what is the right conf to do that, given that I keep in my code the links to the php files with extension and not the relative urls (I hope NGINX could rewrite them) ? (if I need to set the relative urls in my code I can but I don't want to break my local)
Thanks to this question and the comments, I was able to figure out a similar issue, same result with some additional constraints like not using ifs or try_files. Here's what I got at the end:
upstream php {
server unix:/var/run/php-fpm/php-fpm.sock;
}
server {
# ...
rewrite ^(/.+)\.php$ $scheme://$host$1 permanent;
location / {
rewrite ^(.*)$ /$1.php;
}
location ~ \.php$ {
include fastcgi.conf;
fastcgi_pass php;
}
Major contributors were the lack of break/last in the rewrites.
location / {
try_files $uri $uri.html $uri/ #extensionless-php;
index index.html index.htm index.php;
}
location ~ \.php$ {
try_files $uri =404;
}
location #extensionless-php {
rewrite ^(.*)$ $1.php last;
}
This will remove both html and php form url .More Detail
I tried too many options until one of them worked for me, I was able to remove the extension with this:
server {
listen 80;
server_name www.example.local;
root /var/www/vhosts/example/httpdocs;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ #ext;
}
location ~ \/\.php {
rewrite "^(.*)\/.php" $1.php last;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location #ext {
rewrite "^(.*)$" $1.php;
}
}
I have a Problem with our Nginx configuration, We have Wordpress in our current root directory and i would like to setup owncloud on /owncloud by using a directory outside of our root. I have tried to setup an alias in nginx but i get an "access denied" from nginx or php i'am not sure.
My nginx config:
server {
listen 134.34.60.101:80; ## listen for ipv4; this line is default and implied
# listen [::]:80 default ipv6only=on; ## listen for ipv6
listen 134.34.60.101:443 default ssl;
server_name fachschaft.inf.uni-konstanz.de www.fachschaft.inf.uni-konstanz.de;
#root /usr/share/nginx/www;
root /srv/www/website/current;
index index.php;
# reroute to old svn for now - Sammy 2013-11-26
rewrite ^/svn/fachschaft(/.*)$ https://134.34.58.21/svn/fachschaft$1;
ssl_certificate ssl/chained-nginx.crt;
ssl_certificate_key ssl/key-no-pw.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
if ($ssl_protocol = "") {
rewrite ^ https://www.fachschaft.inf.uni-konstanz.de$request_uri? redirect;
}
#Owncloudsettings:
client_max_body_size 256M; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
deny all;
}
location ~ /adminier {
# TODO find a better solution...
alias /srv/www/adminier/index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /owncloud {
alias /srv/www/owncloud;
try_files $uri $uri/ /index.php?$args;
# fastcgi_split_path_info ^(/owncloud/.+\.php)(/.+)$;
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
#Owncloud:
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/www;
#}
# Roots Wordpress Theme Rewrites
# See http://roots.io/roots-101/
location ~ ^/assets/(img|js|css|fonts)/(.*)$ {
try_files $uri $uri/ /content/themes/fsinf-v2/assets/$1/$2;
}
location ~ ^/plugins/(.*)$ {
try_files $uri $uri/ /content/plugins/$1;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
include fastcgi_params;
#}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param htaccessWorking true;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
# location ~ /\.ht {
# deny all;
#}
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
Has anyone an idea how it will work?
1) First of all, check
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
I think You must use (.+?.php) here, ? will allow to correctly operate with *.php file as user data (I see You use it above). BTW, create info.php with
<?php
phpinfo();
?>
Upload it to You server and try download it from owncloud/remote.php/webdav/SOME_FOLDER/info.php, its must start downloading, not executing.
2) Make sure that fastcgi parameter PATH_INFO set correctly (using that info.php file), if not, try use
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
Don't ask me why it's set in such odd way, there was a bug, I don't remember where I found this solution…
3) Why You are using fastcgi_split_path_info in location /owncloud? This location is not blocking further regex matches (use location ^~ … to avoid it), so php scripts won't get there, it will be matched in location ~ ^(.+?\.php)(/.*)?$ below, which, by the way, seems doesn't have fastcgi_split_path_info.
Can't say more, sorry, I just using owncloud for my home PC
PS) I recommend You use include directive to split one huge config in multiple small configs to increase readability …