i'm having a problem with my application made with php and the Laravel Framework.
The issue is with file uploads/downloads.
When i submit files to the server it stores them good, but when i try to download an uploaded file larger than 100KB it just downloads part of it making it corrupt.
Tried a lot of options by adjusting php.ini settings, nginx settings and still can't solve it.
Here is my current configuration for nginx:
nginx.conf
user developer;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
Now here is my nginx site config:
server {
listen 8002 default_server;
server_name localhost 172.20.74.229 cadeco.dev;
root /var/www/current/cadeco/public;
index index.php index.html index.htm;
access_log /var/log/nginx/cadeco.dev-access.log;
error_log /var/log/nginx/cadeco.dev-error.log error;
charset utf-8;
include h5bp/basic.conf;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
sendfile off;
client_max_body_size 100m;
location ~ ^/index\.php(/|$) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi.conf;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
Then here are the related settings of php.ini from (/etc/php5/fpm/php.ini):
max_execution_time = 30
max_input_time = 60
memory_limit = 512M
upload_max_filesize = 50M
max_file_uploads = 20
And finally here is my php script that does the file download:
public function downloadFile($file)
{
$filePath = storage_path('app/uploads/').$file;
if (Storage::exists($file))
{
return response()->download($filePath);
}
Flash::error('File does not exists!');
return redirect()->back();
}
Thanks for any help in advance! :D
i figured it out!.
I checked the error log for this nginx site and found this error:
*10 open() "/var/lib/nginx/fastcgi/4/00/0000000004" failed (13: Permission denied) while reading upstream, client: 172.20.73.101, server: localhost, request: XXXXX
This error ocurred because some time ago we changed the user to www-data to start services like the php-fpm, but i forgot to change it for nginx.
Changed the user to www-data and now everything works as it should!
Thanks!
Related
I have an Nginx server which will host a few websites that are being migrated from an Apache server.
One of the things I've been trying to figure out is how to include additional directories to look at when files are being called.
In Apache I can include the following in the vhost:
php_value include_path /sites/web-test1/vendor/webtoolkit/src:/sites/web-test1/private:/usr/share/php
And that works fine in Apache. But in Nginx, I have attempted to use
include /sites/web-test1/vendor/webtoolkit/src;
But that doesn't work. Can anyone shed some light on how this is performed?
So I included the following in my vhost, as per a recommendation:
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/vendor/webtoolkit/src/includes";
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/vendor/";
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/private/";
fastcgi_param PHP_VALUE "include_path=/usr/share/php/";
Note that I tried that first line both with and without the 'includes' directory in the statement, but it seemed to make no difference. That first line is what is needed to call the file shown below.
If it makes a difference the file uses the following line:
<?php include('includes/emailpriv.inc.php'); ?>
But I still keep getting the same error:
php: PHP Warning: include(includes/emailpriv.inc.php): failed to open stream: No such file or directory in /git/web-test1/public/emailpriv.html on line XX
php: PHP Warning: include(): Failed opening 'includes/emailpriv.inc.php' for inclusion (include_path='/usr/share/php') in /git/web-test1/public/emailpriv.html on line XX
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_rlimit_nofile 102400;
events {
worker_connections 100000;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
server_names_hash_max_size 512;
server_names_hash_bucket_size 128;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
log_format dm '$host - $remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /nginx/log/nginx/access.log dm;
error_log /nginx/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
And the vhost:
server {
server_tokens off;
client_max_body_size 100M;
server_name ws2.xxxxxxxxxxxx.com;
listen 443 ssl;
access_log /nginx/log/nginx/test1.access.log;
error_log /nginx/log/nginx/test1.error.log;
root /git/web-test1/public;
index index.php index.html;
location / {
try_files $uri $uri/ /index.html /index.php?$args;
}
location ~ \.(php|html|htm)$ {
try_files $uri =404/
include snippets/fastcgi-php.conf;
include /etc/nginx/fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; # regular pool
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param SERVER_NAME $host;
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/vendor/webtoolkit/src/includes";
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/vendor/";
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/private/";
fastcgi_param PHP_VALUE "include_path=/usr/share/php/";
}
ssl_certificate /etc/letsencrypt/live/ws2.xxxxxxxxxxxx.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/ws2.xxxxxxxxxxxxx.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = ws2.xxxxxxxxxxxxxxx.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name ws2.xxxxxxxxxxxx.com;
return 404; # managed by Certbot
}
Add index.php file in (NGINX configuration file will be found in the /etc/nginx/ directory)
and change browser path in same .
relaod nginx,
relaod php-fpm
After some digging around and experimenting, I found the issue is with how I formatted the vhost. As indicated above I seperated each folder with it's own "fastcgi_param PHP_VALUE"
But when you do this it overwrites the previous PHP_VALUE. So the correct format is as follows:
fastcgi_param PHP_VALUE "include_path=/sites/web-test1/vendor/webtoolkit/src/; include_path=/sites/web-test1/vendor/; include_path=/sites/web-test1/private/; include_path=/usr/share/php/";
I have a dedicated server with this hardware configs:
CPU: Intel(R) Xeon(R) Gold 6226R CPU # 2.90GHz
RAM: 64GB
Disk: SSD 512GB
My stack is:
SO: Ubuntu latest LTS
Web Server: Nginx 1.18.0
Language: PHP 7.4
Database: MariaDB 10.3.25
Currently, the TTFB is around 400ms and I have some problems with slow requests on Wordpress dashboard and site performance.
I know about the optimizations in site side but, I tested some stuffs to get the real problem: Server Side.
I have more than 200 sites, all in Wordpress and "Tiedye", using just the best plugins. All of this is connected to Cloudflare with the best options and with cache plugin (WP Rocket).
About the configs of the software, follow:
NGINX
user www-data;
worker_processes auto;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log crit;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
#BASIC CACHE
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
access_log off;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
send_timeout 2;
keepalive_requests 100000;
reset_timedout_connection on;
types_hash_max_size 2048;
#LARGE URL, LARGE REQUESTS AND SIZES IMPROVE
large_client_header_buffers 4 256k;
client_max_body_size 500M;
client_header_buffer_size 3M;
client_body_buffer_size 128k;
client_body_timeout 30m;
client_header_timeout 30m;
proxy_send_timeout 6000;
proxy_read_timeout 6000;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
server_names_hash_bucket_size 512;
#SSL
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_ecdh_curve secp384r1;
ssl_session_tickets off;
ssl_buffer_size 4k;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 1h;
#DEFAULT
include /etc/nginx/mime.types;
default_type application/octet-stream;
#SECURITY
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m; limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
#COMPRESS AND CACHE
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon image/jpeg image/png image/jpg;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
fastcgi_cache_path /var/cache/nginx/fastcgi levels=1:2 keys_zone=WORDPRESS:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
proxy_cache_path /var/cache/nginx/proxy levels=1:2 keys_zone=PROXY:10m max_size=10g inactive=60m use_temp_path=off;
proxy_cache_revalidate on;
proxy_buffering off;
proxy_request_buffering off;
}
NGINX/PHP
### SERVER ###
index index.php index.html index.htm index.nginx-debian.html;
#RULES FOR NOT CACHE
set $skip_cache 0;
if ($request_method = POST) {
set $skip_cache 1;
}
if ($query_string != "") {
set $skip_cache 1;
}
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
set $skip_cache 1;
}
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $skip_cache 1;
}
#RULES AND REWRITES
location ~ ([^/]*)sitemap(.*)\.x(m|s)l$ {
rewrite ^/sitemap\.xml$ /sitemap_index.xml permanent;
rewrite ^/([a-z]+)?-?sitemap\.xsl$ /index.php?xsl=$1 last;
rewrite ^.*/sitemap_index\.xml$ /index.php?sitemap=1 last;
rewrite ^.*/([^/]+?)-sitemap([0-9]+)?\.xml$ /index.php?sitemap=$1&sitemap_n=$2 last;
rewrite ^/news_sitemap\.xml$ /index.php?sitemap=wpseo_news last;
rewrite ^/locations\.kml$ /index.php?sitemap=wpseo_local_kml last;
rewrite ^/geo_sitemap\.xml$ /index.php?sitemap=wpseo_local last;
rewrite ^/video-sitemap\.xsl$ /index.php?xsl=video last;
access_log off;
}
location ~* /(?:uploads|files|wp-content|wp-includes|akismet)/.*.php$ { deny all;
access_log off;
log_not_found off;
}
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
access_log off;
log_not_found off;
expires max;
add_header Cache-Control "max-age=2592000";
}
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
add_header Cache-Control "max-age=0";
}
location ~* \.(?:rss|atom)$ {
add_header Cache-Control "max-age=3600";
}
location ~* \.svgz$ {
access_log off;
gzip off;
expires 360d;
add_header Cache-Control "max-age=2592000";
}
location ~* \.(?:css|js)$ {
access_log off;
log_not_found off;
expires 360d;
add_header Cache-Control "max-age=31536000";
}
location = /robots.txt {
access_log off;
log_not_found off;
}
location ~ /\.ht {
deny all;
access_log off;
log_not_found off;
}
location ~ /\.user.ini {
deny all;
access_log off;
log_not_found off;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
try_files $fastcgi_script_name = 404;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
fastcgi_cache WORDPRESS;
fastcgi_cache_valid 200 30m;
fastcgi_cache_methods GET HEAD;
fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;
proxy_cache PROXY;
# Hide PHP Version
fastcgi_hide_header X-Powered-By;
proxy_hide_header X-Powered-By;
add_header X-Fastcgi-Cache $upstream_cache_status;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload";
include fastcgi.conf;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
PHP CUSTOM CONFIGS:
memory_limit = 512M
max_input_time = 50000
max_execution_time = 50000
expose_php = Off
post_max_size = 20M
--- POOL ---
pm = static
pm.max_children = 220
pm.max_requests = 0
request_terminate_timeout = 20000
MARIADB CUSTOM CONFIGS:
innodb_buffer_pool_size = 18G
innodb_buffer_pool_instances = 18
innodb_log_file_size = 6G
innodb_log_buffer_size = 512M
innodb_write_io_threads = 8
innodb_read_io_threads = 8
max_allowed_packet = 512M
max_connections = 500
table_open_cache = 6000
table_open_cache_instances = 8
table_definition_cache = 2000
tmp_table_size = 64M
max_heap_table_size = 64M
thread_cache_size = 100
key_buffer_size = 128M
query_cache_type = 0
query_cache_size = 0
log_warnings = 2
About this lot of info and configs, some DIRECTLY tips to improve the TTFB and speed of my sites?
PS: If did you a specialist in this and wants to help me, I will consider "pay a coffee" comparing the after results.
WP has some sloppy indexing on wp_postmeta. This might explain slow queries, which might explain the high TTFB. Here are the details on the schema fix:
http://mysql.rjweb.org/doc.php/index_cookbook_mysql#speeding_up_wp_postmeta
Is the system swapping any? Is the dataset less than 18GB? Either question may lead to some other (unlikely) remedy.
I seem to be having an issue with my Nginx (version 1.11.9) installation. I have set up a LEMP stack on my Ubuntu 16.04 LTS server, and also have mail services running on it as well. I'm using the following agents :- Postfix and Dovecot. Now the reason for setting up LEMP is to facilitate webmail using Roundcube. I have set up symbolic links within sites-enabled, deleted link to default and added site config file called roundcube. The problem I am having is the default_server document root is not loading any pages from that location, it only seems to be loading pages from the Nginx default location /usr/share/nginx/html
I have specified root to be /usr/share/nginx/roundcube but no pages load from that location. I been going over this a 3 weeks now and I'm just getting frustrated as I cant see the issue. I will list the Nginx config files I have amended.
Any help would be very much appreciated.
P.S I am using Cloudflare DNS
Thanks Rob
nginx.conf :-
user www-data;
worker_processes 2;
pid /run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10 10;
types_hash_max_size 2048;
server_tokens off;
port_in_redirect off;
client_max_body_size 4096k;
client_body_timeout 10;
client_header_timeout 10;
send_timeout 10;
#server_names_hash_bucket_size 64;
#server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_min_length 1100;
gzip_vary on;
gzip_proxied any;
# gzip_comp_level 6;
gzip_buffers 16 8k;
# gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml application/x-font-ttf font/opentype application/ vnd.ms-fontobject;
##
# SSL Settings
##
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
#ssl_prefer_server_ciphers on;
# Sitewide SSL settings
ssl_session_cache shared:SSL:10m;
ssl_buffer_size 4k;
# Sitewide proxy settings
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
Sites-available config file "roundcube" contents :-
server {
listen 80;
server_name example.com;
if ($http_cf_visitor ~ '{"scheme":"http"}') {
return 301 https://example.com$request_uri;
}
}
server {
listen 80;
server_name example.com;
if ($http_cf_visitor ~ '{"scheme":"http"}') {
return 301 https://$host$request_uri;
}
}
# HTTPS server
server {
listen 443 ssl http2 default_server;
server_name example.com;
root /usr/share/nginx/roundcube;
index index.html index.php;
autoindex off;
ssl on;
ssl_certificate /etc/ssl/private/ssl-chain-mail-example.com.pem;
ssl_certificate_key /etc/ssl/private/ssl-key-decrypted-mail-example.com.key;
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES :RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS;
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp521r1;
# Client auth via certs
# ssl_client_certificate /etc/ssl/private/example.com.crt;
# ssl_trusted_certificate /etc/ssl/private/example.com.crt;
# ssl_verify_client on;
location / {
# if ($ssl_client_s_dn !~* "user#example.com") {
# return 301 http://www.jurassicsystems.com/;
# }
# error_page 403 #fallback;
}
location ~ ^/(README|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
location ~ ^/(config|bin|SQL|logs|temp)/ {
deny all;
}
location ~ ^/.*\.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php7.1-fpm-sock;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
}
location #fallback {
return 301 http://www.jurassicsystems.com/;
}
}
The system is Fedora 25, with Nginx 1.10.2 and PHP 7.0.14 work in CGI Mode.
I using dnf to install phpMyAdmin, the location is /usr/share/phpMyAdmin, so I try to let it work as alias in multi-website.
location /phpmyadmin {
alias /usr/share/phpMyAdmin;
include fastcgi_php.conf;
}
And I add the location into open_basedir.
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/:/tmp/:/usr/share/phpMyAdmin/:/var/lib/phpMyAdmin/:/etc/phpMyAdmin/:/usr/share/php:/usr/bin/pear:/dev/null:/var/lib/php";
I open the URL and the log show this message:
2016/12/19 17:52:05 [error] 2241#0: *2 FastCGI sent in stderr: "Unable to open primary script: /usr/share/phpMyAdmin/phpmyadmin/index.php (No such file or directory)" while reading response header from upstream, client: 1.1.1.1, server:1.1.1.1 , request: "GET /phpmyadmin/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:"
How to make it correct and work? Thank you!
Update:
I think maybe cause by fastcgi_param, in order to solve the blank page problem in PHP fastcgi, I add 2 line into this file.
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
nginx.conf:
user nginx nginx;
worker_processes 2;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
use epoll;
worker_connections 2048;
multi_accept on;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
include /etc/nginx/mime.types;
default_type application/octet-stream;
geoip_country /usr/share/GeoIP/GeoIP.dat;
charset UTF-8;
sendfile on;
send_timeout 10;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 30;
server_tokens off;
client_header_timeout 10;
client_max_body_size 64M;
client_body_timeout 10;
client_body_buffer_size 256k;
open_file_cache max=102400 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
types_hash_max_size 4096;
reset_timedout_connection on;
fastcgi_buffers 16 32k;
fastcgi_buffer_size 32k;
fastcgi_intercept_errors on;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_min_length 1024;
gzip_comp_level 6;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
fastcgi_php.conf:
location ~ \.php$ {
fastcgi_split_path_info ^(.+?\.php)(/.*)?$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
website.conf:
server {
listen 443 ssl;
server_name test.domain.com;
root /var/www/site1;
index index.html index.php;
access_log /var/log/site1-access.log combined;
error_log /var/log/site1-error.log warn;
ssl_certificate /etc/nginx/ssl/xxx.crt;
ssl_certificate_key /etc/nginx/ssl/xxx.key;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
location / {
try_files $uri $uri/ /error.html;
include fastcgi_php.conf;
}
location /phpmyadmin {
alias /usr/share/phpMyAdmin;
include fastcgi_php.conf;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
}
}
It would work but No such file or directory. Nginx can't find the index.php in /usr/share/phpMyAdmin/phpmyadmin/ because the folder doesn't exists.
You have to edit the alias path of phpmyadmin location (see code snippet how I did). After that go to /usr/share/ path and rename the folder phpMyAdmin to phpmyadmin (lowercase) or use the same notation in Location (e.g. Location /phpMyAdmin)
server {
listen 443 ssl;
server_name test.domain.com;
root /var/www/site1;
index index.html index.php;
# Configure Access and Error Logging
access_log /var/log/site1-access.log combined;
error_log /var/log/site1-error.log warn;
# Configure SSL Certification usage
ssl_certificate /etc/nginx/ssl/xxx.crt;
ssl_certificate_key /etc/nginx/ssl/xxx.key;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
# Add Headers for security purposes
add_header Strict-Transport-Security "max-age=31536000";
add_header X-Content-Type-Options nosniff;
# Define some page rules
location / {
try_files $uri $uri/ /error.html;
include fastcgi_php.conf;
}
location /phpmyadmin {
alias /usr/share;
include fastcgi_php.conf;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ /\. {
deny all;
}
I just played around with nginx + HHVM + Wordpress, but can't get it to work correctly. Apache + HHVM and nginx + PHP-FPM works, but when using nginx and HHVM together, some global PHP variables are empty.
For example, there is a global called nice_options in my theme.
When trying this:
global $nice_options;
echo '###';
print_r($nice_options);
print_r($_GLOBALS['nice_options']);
echo '###';
I get this: ######.
I even tried to print_r($GLOBALS)and noticed, that [nice_options] is empty, but fully available in wp_object_cache.
I'm using Ubuntu 14.04, nginx 1.6.0 and HHVM 3.
My nginx configuration files:
/etc/nginx/nginx.conf
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
/etc/nginx/sites-available/chefgrill (name of my domain)
server {
listen 80 default_server;
root /var/www/chefgrill.de/public_html;
access_log /var/www/chefgrill.de/logs/access.log;
error_log /var/www/chefgrill.de/logs/error.log;
index index.php;
server_name dev.chefgrill.de;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
}
location ~ /\.ht {
deny all;
}
include hhvm.conf;
}
/etc/nginx/hhvm.conf
location ~ \.(hh|php)$ {
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 1000;
include fastcgi_params;
}