I searched in the entire web but apparently none has published the configuration I'm looking for.
I'm currently testing on a VM what I'd like to be my server config, the 3 apps I'll install are rutorrent, web interface for rtorrent, owncloud and plex, 2 of these are configured with nginx but somehow my configuration doesn't work. I created 2 virtual servers one named rutorrent, the other owncloud, my idea would be to access these with serverip/rutorrent and serverip/owncloud, separating the 2. I'm on Ubuntu 14.04, my rutorrent and owncloud folders are into /var/www, my php version is 5.5.9-1.
The current problem is that the rutorrent config works if it's the only one enabled, but it doesn't if the owncloud is enabled too, moreover, the owncloud alone doesn't work. With a stock owncloud config from their manual the owncloud works but the rutorrent returns a file not foundpage.
Here are my server files from /etc/nginx/sites-available which I have linked to the enableddirectory:
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name 192.168.61.128;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443;
server_name 192.168.61.128;
ssl on;
ssl_certificate /srv/ssl/nginx.crt;
ssl_certificate_key /srv/ssl/nginx.key;
# Path to the root of your installation
root /var/www;
client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;
index index.php;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /owncloud/ {
alias /var/www/owncloud/;
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
}
rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;
rewrite ^/owncloud/.well-known/host-meta /owncloud/public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /owncloud/remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /owncloud/remote.php/caldav/ redirect;
rewrite ^/owncloud/apps/([^/]*)/(.*\.(css|php))$ /owncloud/index.php?app=$1&getfile=$2 last;
rewrite ^(/owncloud/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
location ~ ^/owncloud/(.+?\.php)(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_NAME /owncloud/Â$fastcgi_script_name;
fastcgi_pass php-handler;
}
}
# Optional: set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
It's as close as possible to the official owncloud configuration but I get 404 error when I load the page.
The rutorrent config is as follows, it has both normal and ssl config because I tried changing stuff on the normal one without touching the ssl that works:
server {
listen 80;
server_name 192.168.61.128;
root /var/www;
index index.php index.html index.htm;
#location / {
# try_files $uri $uri/ =404;
#}
location /rutorrent {
auth_basic "rutorrent";
auth_basic_user_file /var/www/rutorrent/.htpasswd;
}
location /RPC2 {
include scgi_params;
scgi_pass localhost:5000;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
#fastcgi_intercept_errors on;
#fastcgi_ignore_client_abort off;
#fastcgi_connect_timeout 60;
#fastcgi_send_timeout 180;
#fastcgi_read_timeout 180;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 4 256k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
}
location ~ /\.ht {
deny all;
}
}
server {
listen 443;
server_name 192.168.61.128;
root /var/www;
index index.php index.html index.htm;
ssl on;
ssl_certificate /srv/ssl/nginx.crt; #server.crt
ssl_certificate_key /srv/ssl/nginx.key; #server.key
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
location / {
#try_files $uri $uri/ =404;
}
location /rutorrent {
auth_basic "rutorrent";
auth_basic_user_file /var/www/rutorrent/.htpasswd;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
#fastcgi_intercept_errors on;
#fastcgi_ignore_client_abort off;
#fastcgi_connect_timeout 60;
#fastcgi_send_timeout 180;
#fastcgi_read_timeout 180;
#fastcgi_buffer_size 128k;
#fastcgi_buffers 4 256k;
#fastcgi_busy_buffers_size 256k;
#fastcgi_temp_file_write_size 256k;
}
location /RPC2 {
include scgi_params;
scgi_pass localhost:5000;
}
location ~ /\.ht {
deny all;
}
}
And finally my nginx.conf which again is as close as standard as possible.
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log info;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
I'm quite bad with this stuff, but intuitively it shouldn't be this hard. Thanks for the help.
You're completely right, I modified the configuration putting both location in the same vhost, this is a working result, again mostly adapted from the OwnCloud manual.
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php5-fpm.sock;
}
server {
listen 80;
server_name 192.168.61.128;
return 301 https://$server_name$request_uri; # enforce https
}
server {
listen 443;
server_name 192.168.61.128;
root /var/www;
index index.php index.html index.htm;
ssl on;
ssl_certificate /srv/ssl/nginx.crt; #server.crt
ssl_certificate_key /srv/ssl/nginx.key; #server.key
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
client_max_body_size 10G; # set max upload size
fastcgi_buffers 64 4K;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
}
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;;
fastcgi_pass php-handler;
}
location /rutorrent {
auth_basic "rutorrent";
auth_basic_user_file /var/www/rutorrent/.htpasswd;
}
location /RPC2 {
include scgi_params;
scgi_pass unix:/home/rtorrent/.sockets/scgi.socket;
}
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
access_log off;
}
}
There's a lot with this config that could be improved, but your primary issue is that define two server blocks with identical server_name. They won't be merged, if that's what you're expecting, but one is picked, the other isn't.
Related
I'm trying to upgrade from PHP 7.4 to PHP 8 on Azure App Service (Linux).
It shows the following error:
404 Not Found - nginx/1.14.2
I understood that the problem is that Azure from PHP 8 use NGINX instead Apache.
So I followed the steps given here:
https://azureossd.github.io/2021/09/02/php-8-rewrite-rule/index.html
For a while it's worked correctly but from the day after it stopped to work and restart to show the error "404 Not Found
nginx/1.14.2"
This is my default file:
server {
#proxy_cache cache;
#proxy_cache_valid 200 1s;
listen 8080;
listen [::]:8080;
root /home/site/wwwroot;
index index.php index.html index.htm;
server_name example.com www.example.com;
location / {
index index.php index.html index.htm hostingstart.html;
try_files $uri $uri/ /index.php?$args;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /html/;
}
# Disable .git directory
#
location ~ /\.git {
deny all;
access_log off;
log_not_found off;
}
# Add locations of phpmyadmin here.
#
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 3600;
fastcgi_read_timeout 3600;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
}
}
This is a working nginx configuration with ssl installed. YOu can see this as reference and modify it according to your own
server {
server_name something.com www.something.com;
root /var/www/something.com/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/something.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/something.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.something.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = something.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name something.com www.something.com;
return 404; # managed by Certbot
}
I encountered similar issues with the change from Apache to Nginx in Azure App Services. I did some further research to get my application working and blogged about it at https://www.azurephp.dev/2021/09/php-8-on-azure-app-service/. Maybe the solutions I found can help you further.
I have trouble to run davical (php) web calendar. There is no errol log in nginx error logs. When is calendar under \ location everything work. But when i have calendar under /calendar location. it returns 404.
default server root is: /usr/share/nginx/html/default
calendar index.php path: /usr/share/nginx/html/calendar/davical/htdocs\index.php
os: Centos 7
server {
listen 80 default_server;
server_name my_domain_name;
return 301 https://$server_name$request_uri;
}
Https
server {
listen 443 ssl http2;
server_name my_domain_name;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
ssl on;
ssl_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
ssl_certificate_key "/etc/pki/tls/certs/nginx/privatekey.pem";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_session_tickets off;
ssl_dhparam "/etc/pki/tls/certs/nginx/dhparam.pem";
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
resolver 8.8.8.8 8.8.4.4;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate "/etc/pki/tls/certs/nginx/certificate.pem";
add_header Strict-Transport-Security "max-age=31536000;includeSubdomains; preload";
root /usr/share/nginx/html/default;
index index.php index.html index.htm;
include /etc/nginx/default.d/php-fpm.conf;
location /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
php-fpm.conf
location ~ \.php$ {
try_files $uri =404;
fastcgi_param HTTPS on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
Your existing location ~ \.php$ block serves the /usr/share/nginx/html/default root. You need a nested location to process PHP files under the /calendar URI.
Assuming that your calendar app is designed to work within a subfolder, this may work for you:
location ^~ /calendar {
alias /usr/share/nginx/html/calendar/davical/htdocs;
index index.php;
if (!-e $request_filename) {
rewrite ^ /calendar/index.php last;
}
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
}
Use the ^~ modifier to prevent the other location ~ \.php$ block from taking precedence (see this document for more). Use $request_filename, as it works with alias. Avoid using try_files with alias (see this issue).
I have cakephp set up with nginx, and before I had nginx set up and url rewriting was working perfectly, such that urls of form: mywebsite.com/cake_project/controller/action worked perfectly. Then I changed the name of the folder cake_project to web, and updated the nginx config file and now when I go to mywebsite.com/web the cakephp works, but If I go to mywebsite.com/web/controller or mywebsite.com/web/controller/action it gives 404.
(My Operating system is Ubuntu, and my CakePHP version is 2.3.9)
Here is what my current nginx config is, sorry I didn't backup my old nginx config :( (that probably would have helped me).
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
alias /usr/share/nginx/html/web/app/webroot;
try_files $uri $uri/ /web/webroot/index.php;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# index index.html index.htm;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
Can Anyone see, what I am doing wrong?
I have similar Nginx configs to this on everything from Nginx 1.4 - 1.8 seems to work well with CakePHP overall especially for the rewriting. Do you have things that are using the IPv6? I would think that stuff could go, if you are sure nothing is using IPv6.
Here is a working example I have working with several CakePHP 2.x project:
server {
listen 80 default_server;
server_name www.example.com;
rewrite ^(.*) https://www.example.com$1 permanent;
}
server {
listen 443 ssl;
access_log /var/log/nginx/www.example.com.access.log;
error_log /var/log/nginx/www.example.com.error.log;
root /var/www/production/app/webroot;
index index.php;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl.crt/www.example.com.intermediate.combined.crt;
ssl_certificate_key /etc/nginx/ssl.key/www.example.com.key;
# For Larger File Uploads
client_max_body_size 28M;
# This is for CakePHP
if (!-e $request_filename) {
rewrite ^/(.+)$ /index.php?url=$1 last;
break;
}
proxy_buffers 4 256k;
proxy_buffer_size 128k;
proxy_busy_buffers_size 256k;
# Cache Headers for Static Files
location ~* \.(?:ico|css|js|gif|jpe?g|png|swf)$ {
expires 30d;
add_header Pragma public;
add_header Cache-Control "public";
}
# Pass the PHP scripts to FastCGI server
# listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_pass_header Set-Cookie;
fastcgi_ignore_headers Cache-Control Expires;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_buffers 4 256k;
fastcgi_buffer_size 128k;
fastcgi_busy_buffers_size 256k;
include fastcgi_params;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
# Deny access to .htaccess files,
# git & svn repositories, etc
location ~ /\.(ht|git|svn) {
deny all;
}
}
Here is another option that might work for you:
server {
listen 80;
listen [::]:80;
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 default_server;
listen [::]:443 default_server ipv6only=on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
ssl on;
ssl_certificate path_to_ssl_certificate;
ssl_certificate_key path_to_ssl_key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# Make site accessible from http://localhost/
server_name localhost;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
location /web {
rewrite ^/web$ /web/ permanent;
rewrite ^/web/(.+)$ /$1 break;
root /usr/share/nginx/html/web/app/webroot;
try_files $uri /$uri/ #cakephp;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# Other PHP Files - Non-CakePHP
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# For CakePHP
location #cakephp {
set $q $request_uri;
if ($request_uri ~ "^/web(.+)$") {
set $q $1;
}
fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/web/app/webroot/index.php;
fastcgi_param QUERY_STRING url=$q;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on; # to support 404s for PHP files no$
include fastcgi_params;
}
}
So I am setting up my first Linode (sort of new to managing everything myself). However, I have the following problem. The browser downloads the php file instead of executing it and MS Internet Explorer shows the file's content instead of downloading it.
I've read through a lot of content/answers about this problem but nothing seems works so I'd appreciate your help.
Important to note is that the website "crashes" only when I add the following line to the Virtual Host file
location ~* .(ico|jpg|webp|jpeg|gif|css|png|js|ico|bmp|zip|woff)$ {
expires 365d;
}
Here are the two files in full
NGINX.CONF
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10s;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
# ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
and the sites-available/default file
server {
listen 80 default_server;
listen [::]:80 default_server;
root /www/bloggingwithdani.com;
index index.html index.php index.htm;
server_name localhost;
# pagespeed On;
# pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
# pagespeed EnableFilters combine_css,combine_javascript;
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js|)$ {
expires 365d;
}
location ~ /\. {
deny all;
}
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
your php location block looks wrong to me. here's my location block for php
location ~ \.(php)$ {
try_files $uri = 404;
location ~ \..*/.*\.php$ {return 404;}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_keep_conn on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_pass 127.0.0.1:9000; #passing directly to the socket
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
also, your static file caching is wrong, and has an erroneous wild card parameter. remove the last | and optionally add some extra configuration options to further optimize delivery of static content.
location ~* .(ico|jpg|webp|jpeg|gif|png|ico|bmp|zip|woff|css|js)$ {
expires max;
add_header Vary Accept-Encoding;
access_log off;
}
I have a Problem with our Nginx configuration, We have Wordpress in our current root directory and i would like to setup owncloud on /owncloud by using a directory outside of our root. I have tried to setup an alias in nginx but i get an "access denied" from nginx or php i'am not sure.
My nginx config:
server {
listen 134.34.60.101:80; ## listen for ipv4; this line is default and implied
# listen [::]:80 default ipv6only=on; ## listen for ipv6
listen 134.34.60.101:443 default ssl;
server_name fachschaft.inf.uni-konstanz.de www.fachschaft.inf.uni-konstanz.de;
#root /usr/share/nginx/www;
root /srv/www/website/current;
index index.php;
# reroute to old svn for now - Sammy 2013-11-26
rewrite ^/svn/fachschaft(/.*)$ https://134.34.58.21/svn/fachschaft$1;
ssl_certificate ssl/chained-nginx.crt;
ssl_certificate_key ssl/key-no-pw.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
if ($ssl_protocol = "") {
rewrite ^ https://www.fachschaft.inf.uni-konstanz.de$request_uri? redirect;
}
#Owncloudsettings:
client_max_body_size 256M; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
deny all;
}
location ~ /adminier {
# TODO find a better solution...
alias /srv/www/adminier/index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /owncloud {
alias /srv/www/owncloud;
try_files $uri $uri/ /index.php?$args;
# fastcgi_split_path_info ^(/owncloud/.+\.php)(/.+)$;
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
#Owncloud:
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/www;
#}
# Roots Wordpress Theme Rewrites
# See http://roots.io/roots-101/
location ~ ^/assets/(img|js|css|fonts)/(.*)$ {
try_files $uri $uri/ /content/themes/fsinf-v2/assets/$1/$2;
}
location ~ ^/plugins/(.*)$ {
try_files $uri $uri/ /content/plugins/$1;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
include fastcgi_params;
#}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param htaccessWorking true;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
# location ~ /\.ht {
# deny all;
#}
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
Has anyone an idea how it will work?
1) First of all, check
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
I think You must use (.+?.php) here, ? will allow to correctly operate with *.php file as user data (I see You use it above). BTW, create info.php with
<?php
phpinfo();
?>
Upload it to You server and try download it from owncloud/remote.php/webdav/SOME_FOLDER/info.php, its must start downloading, not executing.
2) Make sure that fastcgi parameter PATH_INFO set correctly (using that info.php file), if not, try use
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
Don't ask me why it's set in such odd way, there was a bug, I don't remember where I found this solution…
3) Why You are using fastcgi_split_path_info in location /owncloud? This location is not blocking further regex matches (use location ^~ … to avoid it), so php scripts won't get there, it will be matched in location ~ ^(.+?\.php)(/.*)?$ below, which, by the way, seems doesn't have fastcgi_split_path_info.
Can't say more, sorry, I just using owncloud for my home PC
PS) I recommend You use include directive to split one huge config in multiple small configs to increase readability …