I am new to nginx, I have just installed it two days ago, was searching for the correct configuration but still having issue with css js not loaded,
already checked permissions and deploy files correctly
this is the content of my nginx.conf
please help with the correct config
CentOs 9, PHP 7.3, Magento 2.4
server {
listen 80;
server_name www.mydomain.com;
set $MAGE_ROOT /usr/share/nginx/html/domainuser;
include /usr/share/nginx/html/domainuser/nginx.conf.sample;
}
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# Deny access to sensitive files
location /.user.ini {
deny all;
}
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2|html|json)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
location /media/custom_options/ {
deny all;
}
location /errors/ {
location ~* \.xml$ {
deny all;
}
}
# PHP entry point for main application
location ~ ^/(index|get|static|errors/report|errors/404|errors/503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
Related
Im currently developing an api with laravel 8, Nginx as web server.
but the request is getting blocked on server side.
here is my unity code
public IEnumerator MasterJsonDownload()
{
request = UnityWebRequest.Get("http://localhost:8000/GetMaster");
request.SetRequestHeader("Access-Control-Allow-Origin", "*");
request.SetRequestHeader("Method", "GET");
yield return request.SendWebRequest();
if (request.result == UnityWebRequest.Result.Success)
{
JsonLoad(request.downloadHandler.text);
_isFinished = true;
}
else
{
Debug.LogError(request.error);
}
}
here is Nginx conf setting
access_log /dev/stdout main;
error_log /dev/stderr warn;
server {
listen 80;
root /var/www/kinoko_server/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
# set client body size to 1024M #
client_max_body_size 1024M;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
if ($request_method = 'GET') {
add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
add_header Content-Type text/plain;
add_header Content-Length 0;
return 204;
}
add_header Access-Control-Allow-Origin '*';
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
on laravel side, I added fruitcake by composer and made sure to add it to the 1st line of Kernel.php $middleware array
cros.php is present and only changed this value
'exposed_headers' => ['*'],
then I include the header with my response
return $json_data
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Headers', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');;
the response is working on browser, but it is getting blocked if I made it from unity.
I`m still learning and I might have forgotten a step.
by the way, I`m using docker to build up my environment.
link
This is what my current server block looks like:
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://www.domain.com$request_uri;
access_log /var/log/nginx/domain.com.access;
error_log /var/log/nginx/domain.com.error error;
}
## BETA
server {
listen 443 ssl http2;
keepalive_timeout 300;
This works perfectly in redirecting non https www and non https non www to https://www.domain.com
Unfortunately https non www was not being redirected so I altered to this:
server {
listen 80;
server_name www.domain.com domain.com;
return 301 https://www.domain.com$request_uri;
access_log /var/log/nginx/domain.com.access;
error_log /var/log/nginx/domain.com.error error;
}
## BETA
server {
listen 443 ssl http2;
server_name domain.com;
return 301 https://www.domain.com$request_uri;
keepalive_timeout 300;
Unfortunately this only managed to crash the server.
Any input on what I'm doing wrong would be greatly appreciated.
As requested here is my conf file. nginx -t returns a success
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
access_log /var/log/nginx/example.com.access;
error_log /var/log/nginx/example.com.error error;
}
## BETA
server {
listen 443 ssl http2;
keepalive_timeout 300;
charset utf-8;
add_header Strict-Transport-Security 'max-age=63072000; includeSubDomains; preload';
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
ssl_certificate /etc/ssl/certs/wc.example.com.pem;
ssl_certificate_key /etc/ssl/certs/wc.example.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 30m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
server_name www.example.com;
# SSL buffer size was added in 1.5.9
ssl_buffer_size 1400; # 1400 bytes to fit in one MTU
access_log /var/log/nginx/dev.example.com.access;
error_log /var/log/nginx/dev.example.com.error error;
root /srv/storage/pxpubl29/www.example.com/htdocs/;
index index.php index.html index.htm;
location / {
#try_files $uri $uri/ =404;
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ ^/pages {
try_files $uri /index.php$is_args$args;
rewrite ^/pages/free_chat.php$ /pages/free-chat.php permanent;
}
location ~ ^/upl {
client_max_body_size 400M;
client_body_buffer_size 1024k;
# For CORS
if ($request_method = OPTIONS) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
# Access control for CORS
add_header Access-Control-Allow-Origin "https://www.example.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
return 204;
}
if ($request_method = POST) {
add_header Pragma no-cache;
add_header X-Content-Type-Options nosniff;
#add_header Cache-control "no-story, no-cache, must-revalidate";
# Access control for CORS
add_header Access-Control-Allow-Origin "https://www.example.com";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "cache-control, content-range, accept, origin, session-id, content-disposition, x-requested-with, content-type, content-description, referer, user-agent";
add_header Access-Control-Allow-Credentials "true";
# 10 minute pre-flight approval
add_header Access-Control-Max-Age 600;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "session.name=space_sid
session.cookie_domain=.example.com
upload_max_filesize=400M
post_max_size=400M";
include fastcgi_params;
fastcgi_index index.php;
}
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_VALUE "session.name=space_sid
session.cookie_domain=.example.com
upload_max_filesize=400M
post_max_size=400M";
include fastcgi_params;
fastcgi_index index.php;
}
location /samples {
return 301 /;
}
location ~ ^/large {
try_files $uri $uri/ /large/index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
}
location /avc {
rewrite ^/avc/users_(.+)$ /avc/users_php.php break;
rewrite ^/avc/undefined$ /avc/integration_xml.php break;
rewrite ^/avc/avc_settings.xml$ /avc/integration_xml.php break;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
location = /avc/avc_settings.xml {
rewrite ^(.*)$ /avc/integration_xml.php break;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_index index.php;
}
location /upl/server/php/files {
location ~ \.php$ {return 403;}
}
location ~ .*/\.git {
deny all;
}
# Force the latest IE version
add_header "X-UA-Compatible" "IE=Edge";
# This tells Nginx to cache open file handles, "not found" errors, metadata about files and their permissions, etc.
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
#location ~* \.(js|css|png|jpg|jpeg|gif|ico|ttf|svg)$ {
# expires 14d;
# add_header Pragma "public";
# add_header Cache-Control "public, must-revalidate, proxy-revalidate";
#}
# The X-Frame-Options header indicates whether a browser should be allowed
# to render a page within a frame or iframe.
add_header X-Frame-Options SAMEORIGIN;
# MIME type sniffing security protection
# There are very few edge cases where you wouldn't want this enabled.
add_header X-Content-Type-Options nosniff;
# The X-XSS-Protection header is used by Internet Explorer version 8+
# The header instructs IE to enable its inbuilt anti-cross-site scripting filter.
add_header X-XSS-Protection "1; mode=block";
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
}
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|swf|mp3)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# WebFonts
# If you are NOT using cross-domain-fonts.conf, uncomment the following directive
location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# ERROR Pages
error_page 404 /error/404/;
error_page 403 /error/403/;
error_page 401 /error/401/;
# ACL
# deny all;
}
I'm a bit stuck. I'm setting up a new installation of JTL-Shop3 on Nginx. But whenever I call https://www.domain.tld/ it becomes http://www.domain.tld/ and the other way around and ends up showing an error because the webpage is redirecting in a loop.
Here is my nginx config for Non-SSL
# redirect non www to www
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name trendboxx.eu www.trendboxx.eu;
return 301 https://www.trendboxx.eu$request_uri;
}
And here the config for the SSL vhost
server {
listen 443 ssl;
ssl on;
ssl_certificate /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.crt;
ssl_certificate_key /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.key;
server_name www.trendboxx.eu;
access_log /srv/www/trendboxx.eu/logfiles/nginx.access.log;
error_log /srv/www/trendboxx.eu/logfiles/nginx.error.log;
root /srv/www/trendboxx.eu/public_html;
index index.php;
location / {
# try file => folder => JTL-Shop3 Search
try_files $uri $uri/ /index.php?q=$uri$args;
}
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# JTL-Shop3 expires for static files
location ~* \.(eot|ttf|woff|css|less)$ {
expires max;
add_header Access-Control-Allow-Origin *;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
# PHP handler
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_read_timeout 180;
proxy_read_timeout 180;
}
# deny access to hidden files
location ~ /\. {
deny all;
}
}
I am gratefull for every hint on how to solve this problem.
I am trying to convert my apache redirection directives to nginx one, for now I have the following directive:
server {
listen 80;
index index.php index.html;
server_name myvisit_head;
root /var/www/mv/head/myvisit/;
access_log /var/log/nginx/myvisit-access.log;
error_log /var/log/nginx/myvisit-error.log;
# Use gzip compression
# gzip_static on; # Uncomment if you compiled Nginx using --with-http_gzip_static_module
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 5;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/$
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www;
}
# Deny access to hidden files
location ~* /\.ht {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /myvisitv3 {
rewrite /(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ /myvisitv3.php?libAdresse=$3 break;
}
# Pass PHP scripts on to PHP-FPM
include global/php-fpm.conf;
location ~* \.php$ {
try_files $uri /index.php;
fastcgi_index index.php;
fastcgi_pass php5-fpm-sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/profile/external/header.php \n
auto_append_file=/var/www/profile/external/footer.php";
include /etc/nginx/fastcgi_params;
}
}
but when I try to access the url I get a 404 not found error.
I have tried both with location, request_uri directive but the result is the same
here's my apache rules:
RewriteEngine on
RewriteRule ^(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ myvisitv3.php?libAdresse=$3 [L,QSA]
RewriteRule ^(openVisit|openvisit).(html|php)$ openvisitv3.php [L,QSA]
RewriteRule ^(favicon).(ico|png|bmp|jpg)$ web/img/favicon.ico [L,QSA]
These rules use case insensitive matching to spare us the hassle of handling those so many cases.
location ~* /myvisitv3[-_](.*)\.(?:html|php) {
try_files $uri $uri/ /myvisitv3.php?libAdresse=$1;
}
location ~* /openvisit\.(?:html|php)$ {
try_files $uri $uri/ /openvisitv3.php;
}
location ~* /favicon\.(?:ico|png|bmp|jpg)$ {
try_files $uri $uri/ /web/img/favicon.ico;
}
QUESTION: What am I missing or doing wrong?
I'm trying to migrate fully functional Zend Framework application from Apache2 with mod_php5 to nginx with php5-fpm. I get this kind of errors:
2012/06/27 12:08:04 [error] 1986#0: *1 open() "/var/www/public/sales/live-trials-json" failed (2: No such file or directory), client: *.*.*.*, server: www.mydomain.com, request: "POST /sales/live-trials-json HTTP/1.1", host: "www.mydomain.com", referrer: "https://www.mydomain.com/sales/live-trials"
Here are my configuration files:
a) /etc/nginx/sites-enabled/www
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location = /(favicon.ico|robots.txt) {
access_log off;
log_not_found off;
}
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
location / {
try_files $uri $uri/ /index.php;
}
location ~ /\.ht {
deny all;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}
b) /etc/nginx/fastcgi_params
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
c) /etc/php5/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 20
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
chdir = /
d) ls -al /var/www
drwxr-xr-x 7 www-data www-data 4096 Jun 27 10:52 application
drwxr-xr-x 5 www-data www-data 4096 Jun 27 10:52 library
drwxr-xr-x 10 www-data www-data 4096 Jun 27 12:05 public
e) nginx -V
nginx version: nginx/1.1.19
TLS SNI support enabled
configure arguments:
--prefix=/etc/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-log-path=/var/log/nginx/access.log
--http-proxy-temp-path=/var/lib/nginx/proxy
--http-scgi-temp-path=/var/lib/nginx/scgi
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi
--lock-path=/var/lock/nginx.lock
--pid-path=/var/run/nginx.pid
--with-debug
--with-http_addition_module
--with-http_dav_module
--with-http_geoip_module
--with-http_gzip_static_module
--with-http_image_filter_module
--with-http_realip_module
--with-http_stub_status_module
--with-http_ssl_module
--with-http_sub_module
--with-http_xslt_module
--with-ipv6
--with-sha1=/usr/include/openssl
--with-md5=/usr/include/openssl
--with-mail
--with-mail_ssl_module
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-auth-pam
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-echo
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-upstream-fair
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-dav-ext-module
f) php -v (this is cli version, but I swear I am running nginx with fpm:)
PHP 5.3.10-1ubuntu3 with Suhosin-Patch (cli) (built: Apr 11 2012 17:25:33)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies
Alright, after long and exhausting struggles, I've managed to figure out this madness. So, I've started everything from scratch and here is what I've learned:
Entire weirdness is somewhere in location ~* ... { ... }, so whoever have better experience, please explain why :-) Meanwhile I'll manage assets and caching on application layer.
My functional configuration file looks like this:
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}
Thanks for trying, especially #sarnold and #sergei-lomakov!
Your nginx configuration is little wrong.
Because agree with your rules, nginx tries to access /var/www/public/sales/live-trials-json
which doesn't exist.
Because I don't know which endpoints your application use, I suggest you to make two nginx locations. First , for all static files (with regexp) create this location:
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
All another queries should be proxied to apache:
location / {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
Make little change with this rule:
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
Of course, you can leave ".ht settings" untouched:
location ~ /\.ht {
deny all;
}
So, Final config will be:
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
location ~ /\.ht {
deny all;
}
location / {
fastcgi_pass 127.0.0.1:9000;
# I'm not sure that this setting is needed:
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}
As you noted, your problem is with
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
This matches your POST uri of /sales/live-trials-json because it hasn't been anchored to the end of the uri path, and . matches any character. This means that '-js' matches. To fix this, you just need to add a \ (to match a literal '.') and a $ (to anchor the match at the end of the uri path):
location ~* \.(css|js|jpeg|jpg|gif|png|ico|xml)$ {
access_log off;
expires 30d;
}