I am facing this weired issue.
After a long trial and error I concluded that. My nginx server is not passing the SSL parameter to PHP if the user visits the Home page first time.
it works well if the user clicks some other links.
it works well when user first time visit other links.
it works well even for Home page second time.
To check please visit my site test.jawabee.in, here you can search for [SSL_PROTOCOL] => TLSv1.2 which is absent if you visited home page first time.
To test again, kill your browser forcefully (from task manager)
Here is my nginx.comf.
server {
listen 443 ssl ;
server_name test.jawabee.in;
root /usr/share/nginx/jawabee;
ssl_certificate /etc/letsencrypt/live/test.jawabee.in/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.jawabee.in/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/test.jawabee.in/chain.pem;
ssl_session_cache off;
include /etc/nginx/conf.d/testjawabee.template;
}
here is my testjawabee.template
index index.php index.html index.htm;
location ~ (^\.|/\.) {
return 403;
}
location / {
try_files $uri $uri/ #elgg;
}
location ~ \.php$ {
try_files $uri #elgg;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location #elgg {
fastcgi_pass 127.0.0.1:9000;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param SSL_PROTOCOL $ssl_protocol;
fastcgi_param QUERY_STRING __elgg_uri=$uri&$args;
}
Related
When use start certbot container in Docker, the result is nginx container running, while certbot container's state is Exit.
Attaching to multilaradock_certbot_1
certbot_1 | Requested domain "fake.domain.com" is not a FQDN
certbot_1 | cp: cannot stat '/etc/letsencrypt/archive/"fake.domain.com"/cert1.pem': No such file or directory
Nginx configuration my site site_name.conf
server {
listen 80;
listen [::]:80;
server_name site_name.uz www.site_name.uz;
root /var/www/site/frontend/web;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
expires 20d; # 20
}
# ACME challenge
location /.well-known/acme-challenge/ {
root /var/www/letsencrypt/;
log_not_found off;
}
error_log /var/log/nginx/app_error.log;
access_log /var/log/nginx/app_access.log;
}
How can we correct this mistake?
You should fix the domain name in your docker-compose -file.
Currently your domain name is "fake.domain.com" and it should be fake.domain.com
I have deployed my laravel app on a centos server and I had to add below mentioned lines in httpd.conf to make it work
<Directory "/var/www/html/ezschedular2/public">
Allowoverride All
</Directory>
We have decided to use nginx now, what is the alternate of these lines? I have to add alternate of these lines on default.conf in folder /etc/nginx/conf.d
This is my nginx config for Laravel. Change variable suit your need
server {
listen 80;
server_name YOURSERVERNAME_OR_IP;
root YOUR_PATH_TO_LARAVEL_PUBLIC_FOLDER;
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
I want to configure nginx to behave in this way :
[OK] If i browse to domain.com/, the /var/www/index.php file is called
[HOW ?] If i browse to domain.com/blah, /var/www/controller.php is called
On apache, is done by a rewrite condition :
RewriteRule (.*) controller.php [L,QSA]
[HOW ?] If i browse to domain.com/api/someMethod, /var/www/api/controller.php is called
On apache, is done by a rewrite condition :
RewriteRule ^api api/controller.php [L,NC]
[HOW ?] If i browse to domain.com/image.png, nginx display the image /var/www/image.png
On apache, is done by a rewrite condition :
RewriteRule \.(js|css|gif|png|jpg|ico|txt|woff|woff2)$ - [L,NC]
And my nginx config :
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl;
listen [::]:443 ssl;
server_name _;
root /var/www;
index index.php;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
location ~ {
try_files $uri $uri/ /index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
The significant parts of the configuration would be:
root /var/www;
index index.php;
location = / { }
location / {
try_files $uri $uri/ /controller.php;
}
location /api {
try_files $uri $uri/ /api/controller.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
The first two lines are from your original configuration.
The location = will ensure that the URI / obeys the index index.php rather than the try_files rule next.
The location / defines the default action, serving image.png, index.php on subdirectories and controller.php on anything else.
The location /api modifies this behaviour with respect to controller.php.
The location ~ \.php$ block implements the fastcgi interface. Notice that include fastcgi_params; should come before any fastcgi_param directives to avoid the latter being silently overridden.
If you would like the URI domain.com/blah.php to call controller.php instead of throwing a 404, then change the =404 to /controller.php.
Please see this for a list of nginx directives.
We're moving a CakePHP Framework installation to a server where there's an Nginx running. Previous server had Apache. This CakePHP has multiple sub-installations on subfolders which all include the /app/webroot/ folder. We've managed to get the index.php working but all the other files located under /app/webroot/ like javascript and CSS don't link up there.
Now, we've tried getting this to work on nginx with multiple different variations. The problem is, the site loads up PHP files and clean URL'S work. Loading CSS and JS files which are located under /app/webroot/ don't.
We're trying to set up the root to subdomain.example.com where there's an index.php with a header() function to redirect the user to a folder, where there's CakePHP. Basically multiple sites under sub folders. So the CakePHP sites are http://subdomain.example.com/subfolder
Here's the nginx conf we're trying. I've been trying various different options with no effect.
server {
rewrite ^(.*) http://example.com$1 permanent;
}
server {
listen 80;
server_name example.com www.example.com subdomain.example.com;
access_log /home/example.com/logs/access.log;
error_log /home/example.com/logs/error.log error;
root /home/example.com/public_html/;
index index.php;
gzip_static on;
location /subfolder {
root /home/example.com/public_html/subfolder/;
index index.php;
rewrite ^/subfolder/(/.*)$ /app/webroot$1 break;
try_files $uri $uri/ /subfolder/app/webroot/index.php?$args;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
location ~ \.php$ {
try_comles $uri =404;
include fastcgi_params;
fastcgi_pass unix:/var/run/example.com-php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
app/webroot/ will be your server root. And separate location for process index.php file.
Example:
server {
listen 80;
server_name yourserver.com;
root /web/path/;
index index.php;
location / {
rewrite ^(/.*)$ /app/webroot$1 break;
try_files $uri $uri/ /app/webroot/index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
I have nginx web server installed and https domain. I want to make a sub-directory /dap in root folder to use http and exclude from ssl. Please guide me through this.
My /etc/nginx/sites-available virtual host file for this domain is as below,
# WPSINGLE FAST CGI NGINX CONFIGURATION
server {
listen 198.27.70.206:80;
server_name howtofightnow.com;
return 301 https://howtofightnow.com$request_uri;
}
server {
listen 443 ssl;
server_name howtofightnow.com;
ssl on;
ssl_certificate /etc/nginx/ssl/howtofightnow_com.pem;
ssl_certificate_key /etc/nginx/ssl/server.key;
#listen 198.27.70.206:80;
#server_name howtofightnow.com;
access_log /var/log/nginx/howtofightnow.com.access.log rt_cache;
error_log /var/log/nginx/howtofightnow.com.error.log;
root /var/www/howtofightnow.com/htdocs;
index index.php index.htm index.html;
location /zabbix {
if ($scheme ~ ^http:){
rewrite ^(.*)$ https://$host$1 permanent;
}
alias /usr/share/zabbix;
index index.php;
error_page 403 404 502 503 504 /zabbix/index.php;
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
expires epoch;
include fastcgi_params;
fastcgi_index index.php;
fastcgi_pass php;
}
location ~ \.(jpg|jpeg|gif|png|ico)$ {
access_log off;
expires 33d;
}
}
# Use Cached Or Actual File If They Exists, Otherwise Pass Request To WordPress
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ .php$ {
try_files $uri /index.php?args;
include fastcgi_params;
fastcgi_pass php;
}
location /vma {
root /usr/local/vimbadmin/public ;
try_files $uri $uri/ /index.php?$args;
location ~ .php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass php;
}
}
rewrite ^/index.php/register/thanks(.*) /register/thanks$1 permanent;
include /etc/nginx/common/locations.conf;
}
Simply add this location (/dap) to your http server section, plus add a separate root location, as following:
server {
listen 198.27.70.206:80;
server_name howtofightnow.com;
location / {
return 301 https://howtofightnow.com$request_uri;
}
location /dap/ {
# specific rules for this location go here
}
}