I've added this block of directives to my Nginx installation
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
fastcgi_pass unix:/var/run/php5-fpm.sock;
# With php5-fpm:
include fastcgi.conf;
fastcgi_index index.php;
}
If i contact http://myserverip/script.php everything goes fine.
I need to use the rewrite engine to rewrite some URLs, after this block of directives i've added many other blocks like this:
location = /sentmessages {
rewrite ^(.*)$ /sent_messages.php break;
}
(i've used winginx converter for .htaccess rules)
If i contact http://myserverip/sentmessages rewrite goes well, but the PHP script gets downloaded instead of being passed to FastCGI.
I don't know how to fix this(tried to change the order of the directives without success.)
How to fix? thanks.
After searching Stackoverflow, solution was to use the "last" at the end of the rewrite rule.
location = /sentmessages {
rewrite ^(.*)$ /sent_messages.php last;
}
Related
I have 2 codeignitor projects in different directories.
what I want to do is
www.url.com => /var/www/ci_project
www.url.com/page1 => /var/www/ci_project
www.url.com/en => /home/another/ci_project
www.url.com/en/page1 => /home/another/ci_project
That is, only if the "en/" come followed host we would use different ci project.
However, it seems the apache alias cannot help because the ci mechanism would cover the path.
Can I achieve this by apache2 or nginx?
With nginx something like this should work:
index index.php;
location / {
root /var/www/ci_project;
try_files $uri $uri/ /index.php$is_args$args;
location ~ \.php$ {
# PHP-FPM handler here
}
}
# without the following location, request to 'www.url.com/en'
# would be redirected with HTTP 301 code to 'www.url.com/en/'
location = /en {
rewrite ^ /en/ last;
}
location /en/ {
# remove the '/en' URI prefix.
rewrite ^/en(/.*) $1 break;
root /home/another/ci_project;
try_files $uri $uri/ /en/index.php$is_args$args;
location ~ \.php$ {
rewrite ^/en(/.*) $1 break;
# PHP-FPM handler here
}
}
Note two nested PHP handler locations, they needed because each of them should use its own root.
I'm not familiar with the codeignitor, if it relies on the REQUEST_URI FastCGI parameter to determine the requested route, that one won't be changed with the rewrite nginx directive and you'd need to strip the /en URI prefix manually (check the first part of this answer). Here is an example how it can be done:
map $request_uri $fixed_uri {
~^/en(/.*)$ $1;
}
server {
...
location /en/ {
# remove the '/en' URI prefix.
rewrite ^/en(/.*) $1 break;
root /home/another/ci_project;
try_files $uri $uri/ /en/index.php$is_args$args;
location ~ \.php$ {
rewrite ^/en(/.*) $1 break;
# PHP-FPM handler here
...
# this line should be AFTER the default fastcgi parameters file inclusion
fastcgi_param REQUEST_URI $fixed_uri;
...
}
}
...
}
This official page can also be useful to check for some examples.
I have a NGINX server and I use Apache-utility's for password requirement (.htpasswd). It MOSTLY works fine. The following this work fine:
example.com/admin
example.com/admin/
example.com/admin/index
but...
When I type example.com/admin/index.php and don't type any password at all and press "abort" the server show's the index.php (without any CSS or JS files). I think my PHP-FPM is the problem. Please take a look:
location / {
try_files $uri $uri.html $uri/ #extensionless-php;
index index.html index.htm index.php;
}
location #extensionless-php {
rewrite ^(.*)$ $1.php last;
}
location /admin {
auth_basic "Restricted";
auth_basic_user_file /admin/.htpasswd;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$
}
Just looking at the last two locations in your question:
location ^~ /admin {
auth_basic "Restricted";
auth_basic_user_file /admin/.htpasswd;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Adding the ^~ modifier makes the location ^~ /admin block take precedence over the other regex blocks (specifically the existing location ~ \.php$ block). So the authentication rules are uniformly applied to any URI beginning with /admin. See this document for details.
To avoid breaking PHP, the location ~ \.php$ block is duplicated within the location ^~ /admin block to process URIs that begin with /admin and end with .php.
I'm kind of ashame to bother you with a question so simple but I cannot figure out why the configuration of nginx is not enforcing a simple deny rule for a subfolder and really hope you can push me to the obvious mistake.
So, the setup: I got an nginx webserver running, /var/www is root directory and there are some subfolders. SSL is enforced and as I am using baikal CalDAV/CardDAV the settings for fastcgi origin from the corresponding documentation. Here is the currently working config file:
server {
listen 443 ssl;
root /var/www;
index index.html index.htm index.php;
server_name mydomain.org;
ssl_certificate /path/to/nginx.crt;
ssl_certificate_key /path/to/nginx.key;
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
location ~ ^(.+\.php)(.*)$ {
try_files $fastcgi_script_name =404;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include /etc/nginx/fastcgi_params;
}
rewrite ^/.well-known/caldav /baikal/cal.php redirect;
rewrite ^/.well-known/carddav /baikal/card.php redirect;
charset utf-8;
location ~ /(\.ht|Core|Specific) {
deny all;
return 404;
}
}
Now, I simply want to restrict access to a subsubfolder called /my/data/ which I first added in the deny block like this:
location ~ /(\.ht|Core|Specific|my/data/) {
deny all;
return 404;
}
But this did not work out, so I defined an own location like:
location ~ /my/data {
deny all;
return 404;
}
Tried with and without trailing slash, with and without ~ like in /doc/ as well as putting the deny location block before any other one and now I am at a loss. Access to /my/data and all subfolders and files is still granted. Can anyone help me out?
Thanks for reading!
Location order is important if you are using locations with regular expressions, as locations given by regular expressions are checked in order and first matched wins. That is, a configuration like this:
location ~ \.php$ { fastcgi_pass ... }
location ~ /my/data { deny all; }
will always allow access to any .php files, even matching /my/data. To fix this, you have to maintain proper order of locations, i.e., keep location ~ /my/data first:
location ~ /my/data { deny all; }
location ~ \.php$ { fastcgi_pass ... }
Or, better yet, use prefix location with the ^~ modifier instead - in this case order will not be important. This also ensures that proper prefix matching will be used, and regular expressions won't be checked at all. E.g.:
location ~ \.php$ { fastcgi_pass ... }
location ^~ /my/data { deny all; }
See http://nginx.org/r/location for more details about location matching in nginx.
Note well that return 404 in your configuration is redundant if you use deny all, or vice versa. Just use one of the directives.
It's also important to note that when testing, you shouldn't rely on your browser. Testing with browser often leads to confusing results due to caching. It's better idea to use, e.g., curl.
I am using winginx on windows 8.1 pro. I am new to using it. I want to enable url rewriting for nginx on windows so that link like this"http://mysite.dev/portfolio/latest/business-card-design/" works fine. I want to work with wordpress and laravel specially. I found how to convert .htaccess file to nginx but I do not know where to put them. I hope you expert people understand my problem. sorry for my English. Please help me. Thanks.
I downloaded Winginx and installed Wordpress 4.0.1 and this is my configuration :
server {
listen 127.0.0.1:80;
server_name example.com www.example.com;
root home/example.com/public_html;
index index.php index.html;
log_not_found off;
access_log logs/example.com-access.log;
charset utf-8;
location ~ /\. { deny all; }
location = /favicon.ico { }
location = /robots.txt { }
if (!-e $request_filename) {
rewrite ^(.+)$ /index.php?q=$1 last;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
}
With this configuration, generated by Winginx, my site works fine and the only part that I have added is the URL rewrite part :
if (!-e $request_filename) {
rewrite ^(.+)$ /index.php?q=$1 last;
}
Of course you have to select your permalinks settings from Settings > Permalinks to get what you want as URLs.
My client moved to new server which nginx & percona server. Problem is the forward slash is being removed from end of the url. as you can see on the picture http://imgur.com/8OAUQZb
therefor the design files such as js, css files are not loading or something it gives magento 404 not found page. it happens randomly.
on the database web/unsecure/base_url and web/secure/base_url are set with forward slash http://78.137.115.47.srvlist.ukfast.net/
I'm assuming something wrong with nginx file. The rewrite rules might be wrong. I have tried every possible way that I found on this website and on google but nothing work. It might be something else. Could you please help?
This is nginx conf file for the domain
# Uncomment the server definition below should you wish to
# redirect from punkyfish.com to www.punkyfish.com
#server {
# listen 192.168.92.247;
# server_name punkyfish.com;
# #rewrite / $scheme://www.$host$request_uri permanent;
#}
#
# Change this backend name (and the socket pointer)
# as additional virtual hosts are added. This should
# point to the spawn-fcgi wrapper running as the
# appropriate user.
#
upstream punkyfishcombackend {
server unix:/var/run/php-fcgi-punkyfishcom.sock;
}
server {
listen 192.168.92.247:80;
server_name punkyfish.com;
root /var/www/vhosts/punkyfish.com/htdocs;
location / {
index index.html index.php;
try_files $uri $uri/ #handler;
expires 30d;
}
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
include "ssl_offloading.inc";
location ~ .php$ {
if (!-e $request_filename) { rewrite / /index.php last; }
expires off;
fastcgi_pass punkyfishcombackend;
fastcgi_param HTTPS $fastcgi_https;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param MAGE_RUN_CODE default;
# fastcgi_param MAGE_RUN_TYPE store;
include fastcgi_params;
}
This was due to nginx was caching everything. regardless of my changes on db and files wasn't reflecting. I cleaned the cache from ngnix cache folder and problem solved.
Thanks.