I have configured my nginx to get data from s3 in case of 502 error thrown by php, but it is accessing data for all requests even when there is no 502 error.
Here is my configuration file,
upstream php {
server unix:/var/run/php5-fpm.sock;
}
server {
listen *:80;
server_name x.x.x.x;
root /data/www/public/;
# access_log /var/log/nginx/www.example.com.access.log main;
error_log /var/log/nginx/wf_err.log;
add_header Access-Control-Allow-Origin http://x.x.x.x;
location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
expires max;
log_not_found off;
}
location / {
index index.php;
try_files $uri $uri/ /index.php;
}
location #static{
add_header Access-Control-Allow-Origin *;
rewrite ^ $request_uri;
rewrite ^/assets/(.*)/(.*)\.css.* /assets/$1/$2.css break;
rewrite ^/assets/(.*)/(.*)\.js.* /assets/$1/$2.js break;
rewrite ^/assets/image.*/(.*)\.(.*).* /assets/image/$1.$2 break;
rewrite ^/assets/fonts/(.*)\.(.*).* /assets/fonts/$1.$2 break;
rewrite /story/([0-9]+)/([0-9]+)/.* /story/$1/$1_$2.html break;
rewrite /story/([0-9]+)/.* /story/$1/$1_1.html break;
proxy_hide_header x-amz-id-2;
proxy_hide_header x-amz-request-id;
proxy_pass http://bucket.s3.amazonaws.com;
}
location ~ \.php {
try_files $uri =404;
fastcgi_pass php;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
error_page 502 504 503 #static;
fastcgi_intercept_errors on;
# return 502;
}
# deny access to .htaccess files
location ~ /\.ht {
deny all;
}
}
I have used fastcgi_intercept_errors to catch errors sent by php.
Then, using error_page directive, I change the location to #static, where the requests are processed from s3.
But I can't understand why all requests are going to s3 even when there is no error.
Thanks.
Related
I have a NodeJS app deployed in the root of my domain (example.com) and I'm struggling for the last 7 days to add a blog in a subdirectory (example.com/blog). Even though I have set it up but I think there is some issue with Nginx config as I can't access the blog posts (blog homepage is accessible). It is also worth mentioning that I CAN access the posts if I set Permalinks to Plain in Wordpress settings, which I don't want because of SEO.
If I look at error logs then I can see this:
2022/09/02 15:43:43 [error] 86838#86838: *6 "/var/www/html/example.com/blog/advantages-of-social-media-2/index.php" is not found (2: No such file or directory), client: 142.52.23.144, server: www.example.com, request: "GET /blog/advantages-of-social-media-2/ HTTP/1.1", host: "www.example.com", referrer: "https://www.example.com/blog/"
Wordpress installation is located in /var/www/html/example.com/blog but in the config I have not added /blog but I can still access the blog homepage. And if I add it, then I can't access it anymore.
I tried like a million different solutions but nothing seems to be working. Someone please help me out.
Here's the full Nginx config without the SSL statements:
server {
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
server_name www.example.com;
# NodeJS App
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $http_cf_connecting_ip;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
# Wordpress Blog
location /blog {
access_log /var/log/nginx/blog_access.log;
error_log /var/log/nginx/blog_error.log;
root /var/www/html/example.com;
index index.php;
# Add a trailing slash if missing
if (!-f $request_filename) {
rewrite [^/]$ $uri/ permanent;
}
# try_files $uri $uri/ /index.php?$args;
# try_files $uri $uri/ /blog/index.php?q=$uri&$args;
try_files $uri $uri/ /blog/index.php?$args;
location ~ \.php {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
# Change this to your fpm socket
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
}
}
Try this, dont just copy and paste this and try to understand what each block do
server {
listen 443 ssl http2;
server_name www.example.com example.com;
#Addition Configs
.
.
.
.
.
error_log /var/www/html/example.com/error error;
root /var/www/html/example.com;
index index.html index.php;
location / {
gzip_static on;
error_page 418 = #cachemiss;
.
.
.
}
location #cachemiss {
try_files $uri $uri/ /index.php$is_args$args;
}
### DISABLE LOGGING ###
location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }
### CACHES ###
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html|mp4)$ { access_log off; expires max; }
location ~* \.(woff|svg|woff2|ttf|eot)$ { access_log off; log_not_found off; expires 30d; }
location ~* \.(js)$ { access_log off; log_not_found off; expires 7d; }
location /blog {
try_files $uri $uri/ /blog/index.php?q=$uri&$args;
}
### php block ###
location ~ \.php?$ {
fastcgi_cache phpcache;
fastcgi_cache_valid 200 30m;
fastcgi_cache_methods GET HEAD;
try_files $uri =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_hide_header X-Powered-By;
fastcgi_pass 127.0.0.1:9000;
}
}
The most important part you have to configure is the php-block/fast-cgi location block which you should directly put under server block and outside the blog location
Then on your blog location just do a request to /blog/index.php
like so;
try_files $uri $uri/ /blog/index.php?q=$uri&$args;
your directory structure should be;
/var/www/html/example.com - your root folder which should contains any app you want
/var/www/html/example.com/blog - contains your wordpress installation
for fastcgi caching, you either remove this line
fastcgi_cache phpcache; from php block,
or go to /etc/nginx/nginx.conf and configure fastcgi caching like below;
the code below should be in http block
fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=phpcache:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
I have php website (symfony framework running in dev env) under example.com and wordpress blog under example.com/blog/ .
Now I'm trying make make wordpress working under this set up.
As of right now I have only static files served by nginx.
I can't make php files executed.
Symfony app root dir: /data/example.com
Wordpress root dir: /data/example.com-blog/web
My nginx config
server {
listen 80;
server_name example.com;
charset utf-8;
access_log /var/log/nginx/example.com_access.log main;
error_log /var/log/nginx/example.com_error.log;
root /data/example.com/web/;
index app_dev.php;
error_page 400 401 404 500 = /index.php;
location ~ /\. {
deny all;
}
location ^~ /blog {
log_not_found on;
access_log on;
root /data/example.com-blog/web;
rewrite ^/blog/([^.]+\.[^.]+)$ /$1 break;
try_files $uri $uri/ /blog/index.php$is_args$args;
location ~ \.php {
return 401; # for
}
}
location / {
try_files $uri /app_dev.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_intercept_errors off;
fastcgi_pass unix:/tmp/php-fpm.socket;
fastcgi_index index.php;
fastcgi_param HTTPS off;
include fastcgi_params;
}
location ~* \.(jpg|jpeg|gif|png|ico|js|css|htm|html|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|swf|flv|htc|xsl|eot|woff|ttf|svg)$ {
expires 1w;
tcp_nodelay off;
}
}
I tried to use RichardSmith's example and now I'm getting 403 error
location ^~ /blog {
alias /data/example.com-blog/web;
if (!-e $request_filename) { rewrite ^ /blog/index.php last; }
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/tmp/php-fpm.socket;
}
}
I've installed Nginx, PHP-FPM,SSL certificate (Let's Encrypt), and WordPress 4.6.1 on my server and working well.
But, when I change the permalink settings to anything other than default,I get 404 errors on every post,article and page.
In my nginx config file I have the following code under my location / block :
try_files $uri $uri/ /index.php?$args;
Here is my nginx.conf:
server {
listen xxx.xxx.xxx.xxx:80;
server_name raharja.com www.raharja.com;
root /home/admin/web/raharja.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/raharja.com.log combined;
access_log /var/log/nginx/domains/raharja.com.bytes bytes;
error_log /var/log/nginx/domains/raharja.com.error.log error;
location / {
# WordPress permalinks configuration
try_files $uri $uri/ /index.php?$args;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/raharja.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.raharja.com.conf*;
try_files $uri $uri/ /index.php?$args;
}
Does anyone have a solution?
I suggesting you try this:
if (!-e $request_filename)
{
rewrite ^(.+)$ /index.php?q=$1 last;
}
How do I configure nginx to allow a slash between my /test_file.php/?param1=test ? Currently is only allowing /test_file.php?param1=test ...
Here is my current configuration:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
# rewrite ^/(.php*)/$ /$1 permanent;
root /var/www/example.com;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/example.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
Url working (undesirable):https://example.com/workouts.php?workout=206
Url I want: https://example.com/workouts.php/?workout=206
The block:
location ~ \.php$ { ... }
is responsible for processing any URI which ends with .php.
A simple solution would be to change the regular expression to accept URIs which include pathinfo. However, you should also make other changes within the block to mitigate known exploits. See this document for details.
For example:
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
I did the following configurations for nginx server for code igniter and worked correctly , unfortunately there is one case not working.
When I request URL with parameter Like
servername.com/ControllerName/methodName?param=value
I got Not found Page 404
Server Configurations :
server {
# access from localhost only
listen 127.0.0.1:80;
server_name serverName.com;
root API;
log_not_found off;
charset utf-8;
access_log logs/accessservername.log main;
index index.php;
# handle files in the root path /www
location / {
try_files $uri $uri/ /index.php?$args;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root API;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9100
#
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass php;
fastcgi_index index.php;
#fastcgi_param PHP_FCGI_MAX_REQUESTS 1000;
#fastcgi_param PHP_FCGI_CHILDREN 100;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param REMOTE_ADDR $http_x_real_ip;
include fastcgi_params;
}
# add expire headers and speed up image access with a vary header
location ~* ^.+.(gif|ico|jpg|jpeg|png|flv|swf|pdf|mp3|mp4|xml|txt|js|css)$ {
expires 30d;
add_header Vary Accept-Encoding;
}
# only allow these request methods
if ($request_method !~ ^(GET|HEAD|POST)$ ){ return 405; }
}