We Keep Coding

Nginx rewrite rule for a subfolder

Im trying to rewrite a url like below:
https://example.com/products/product-post ---> https://example.com/product-post
But i want in the same time the url https://example.com/products/ to be accessible, without any modifications since its a product catalog.
This is not working causing a 500 server error:
location /products/ {
rewrite ^/(.*)$ /products/$1 last;
}
For organizing reasons i keep my files in /products/file1, file2 etc.
Perhaps i should be using "alias" and not "rewrite"?
Thank you.
UPDATE: Below is my server.conf config
server {
server_name www.example.com;
listen 80;
listen 443 ssl spdy;
listen [::]:80;
listen [::]:443 ssl spdy;
ssl_certificate /opt/ssl/example.com.chained.crt;
ssl_certificate_key /opt/ssl/example.com.key;
# Non-www redirect
return 301 https://example.com$request_uri;
}
server {
server_name example.com;
listen 443 ssl spdy;
listen [::]:443 ssl spdy;
root /home/html_public;
charset UTF-8;
ssl_certificate /opt/ssl/example.com.chained.crt;
ssl_certificate_key /opt/ssl/example.com.key;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
keepalive_timeout 70;
ssl_buffer_size 1400;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=86400;
resolver_timeout 10;
ssl_trusted_certificate /opt/ssl/example.com.chained.crt;
location ~* \.(jpg|jpeg|gif|png|ico|cur|gz|svgz|mp4|ogg|ogv|webm|htc|css|js|otf|eot|svg|ttf|woff|woff2)(\?ver=[0-9.]+)?$ {
expires 1M;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
}
#access_log logs/host.access.log main;
#===BAN COUNTRIES START ==============
if ($allowed_country = no) {
return 403;
}
if ($bad_referer) {
return 444;
}
location #extensionless-php {
rewrite ^(.*)/$ $1.php last;
rewrite ^(.*[^/])$ $1/ permanent;
}
location / {
try_files $uri $uri/ #extensionless-php;
#limit_conn num_conn 15;
#limit_req zone=num_reqs;
}
#=====PAGE SPEED START==========
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
#=====PAGE SPEED END==========
error_page 404 /404.php;
#pass the PHP scripts to FastCGI server listening on php-fpm unix socket
location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort off;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 4 256k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
include fastcgi_params;
}
location = /robots.txt {
access_log off;
log_not_found off;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
#=====START phpMyAdmin==============#
location /phpMyAdmin {
root /usr/share/;
location ~ ^/phpMyAdmin/(.+\.php)$ {
root /usr/share/;
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/phpMyAdmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpmyadmin {
rewrite ^/* /phpMyAdmin last;
}
#=====END phpMyAdmin==============#
location /webmail {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/webmail/(.+\.php)$ {
root /usr/share/;
try_files $uri =404;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/webmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
#====Out Link REDIRECTS===============
location /go/ {
rewrite ^/go/(.*)$ /go/site-linker.php?site=$1 last;
}
location ~ /products/(.+) {
rewrite ^/products/(.*)$ /$1 last;
}
}
In the logs im getting this:
2016/04/24 12:07:45 [notice] 6810#0: *1 "^/products/(.*)$" does not match "/xperia-z5/", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"
2016/04/24 12:07:45 [notice] 6810#0: *1 "^/products/(.*)$" does not match "/xperia-z5/", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"
2016/04/24 12:07:45 [notice] 6810#0: *1 "^(.*)/$" matches "/xperia-z5/", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"
2016/04/24 12:07:45 [notice] 6810#0: *1 "^(.*)/$" matches "/xperia-z5/", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"
2016/04/24 12:07:45 [notice] 6810#0: *1 rewritten data: "/xperia-z5.php", args: "", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"
2016/04/24 12:07:45 [notice] 6810#0: *1 rewritten data: "/xperia-z5.php", args: "", client: 192.168.10.2, server: 192.168.10.1, request: "GET /xperia-z5/ HTTP/1.1", host: "192.168.10.1"

https://www.digitalocean.com/community/tutorials/understanding-nginx-server-and-location-block-selection-algorithms
I've updated my rewrite sample config - https://github.com/TeXXaS/nginx-configs/tree/master/rewrite
From that tutorial - if you use rewrite, index or something like that nginx will internally reprocess request. To deal with that - I've added prods directory - so for .../products/ nginx serves /prods/index.html - while for all other .../products/(.+) - request is redirected to root. So if you type http://localhost:10080/products/index.html - it will show index.html from root, with out changing path in your browser. Hope it helps... :)

After a lot of trial and error, the sulution turned out to be:
location / {
try_files $uri $uri/ #extensionless-php;
rewrite /(.+$) /products/$1 break;
}
location = /products/ {
index index.php;
}
I hope this will help someone in the future.

nginx 301 redirect to incorrect vhost

I'm having a 301 redirect issue for multiple sites pointing to our primary site although the intended affected sites are in their own server blocks. If I disable the primary site, the others work as intended, so it seems something in the primary config is trumping the others. Any help would be appreciated.
/etc/nginx/nginx.conf:
user nginx;
worker_processes 8;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log;
access_log off;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
client_max_body_size 50M;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 2 2;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_max_temp_file_size 0;
reset_timedout_connection on;
server_names_hash_bucket_size 100;
fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:10m max_size=1000m inactive=60m;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
include /etc/nginx/conf.d/*.conf;
}
This is the vhost conf that appears to be trumping other vhosts. /etc/nginx/conf.d/site1.conf:
server {
listen 10.10.10.1:80;
listen 10.10.10.1:443 ssl;
server_name ^site1\.org$ ^www\.site1\.org$ ^old\.site1domain\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 70;
root /var/www/vhosts/site1.org/httpdocs;
index index.php;
client_max_body_size 128M;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fpm/site1.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include /etc/nginx/fastcgi_params;
include /etc/nginx/fastcgi.conf;
open_file_cache max=4000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
if ($scheme != "https") {
rewrite ^ https://site1.org$uri permanent;
}
if ($host != "site1.org") {
rewrite ^ https://site1.org$uri permanent;
}
#wp-super-cache
....
location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp)$ {
expires max;
}
}
Phew. OK, here is an example of a different vhost config, which does not seem to be answering requests (instead, i get a 301 to the vhost above, with or without the redirects commented out).
/etc/nginx/conf.d/site2.conf:
server {
listen 10.10.10.1:80;
server_name ^sub1\.site2\.org$;
allow all;
proxy_redirect / http://10.10.10.1:6969;
location / {
proxy_pass http://10.10.10.1:6969;
}
}
However, for some reason, this SSL proxy works as intended (on different IP):
/etc/nginx/conf.d/site3.conf:
server {
listen 10.10.10.2:443 ssl;
server_name ^sub3\.site1\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
allow all;
proxy_redirect / http://sub3.site1.org:80/;
location / {
proxy_pass http://sub3.site1.org:80/;
}
proxy_set_header Host $http_host;
}
Here is what I get when I attempt to connect to http://sub1.site2.org:
[c09 79] /etc/nginx/conf.d # wget {sub1.site2.url}
--2015-11-25 09:09:28-- {sub1.site2.url}
Resolving sub1.site2.org... 10.10.10.1
Connecting to sub1.site2.org|10.10.10.1|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: {site1.url} [following]
and so on...
Thanks in advance.

Your server_name directives are all invalid so none of them match. So nginx uses the first server container as the default and processes all requests through that.
It then hits your rewrite ^ https://site1.org$uri permanent; conditional rewrite.
If you must use regex in your server_names (although it's less efficient unless you really need it), you must prefix the name with ~. Otherwise, just use the plain name.
server_name site1.org www.site1.org old.site1domain.org;
See this document for details.

Nginx Config Endless Loop (redirect HTTP to HTTPS)

I'm a bit stuck. I'm setting up a new installation of JTL-Shop3 on Nginx. But whenever I call https://www.domain.tld/ it becomes http://www.domain.tld/ and the other way around and ends up showing an error because the webpage is redirecting in a loop.
Here is my nginx config for Non-SSL
# redirect non www to www
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
server_name trendboxx.eu www.trendboxx.eu;
return 301 https://www.trendboxx.eu$request_uri;
}
And here the config for the SSL vhost
server {
listen 443 ssl;
ssl on;
ssl_certificate /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.crt;
ssl_certificate_key /srv/www/trendboxx.eu/certificates/www.trendboxx.eu.key;
server_name www.trendboxx.eu;
access_log /srv/www/trendboxx.eu/logfiles/nginx.access.log;
error_log /srv/www/trendboxx.eu/logfiles/nginx.error.log;
root /srv/www/trendboxx.eu/public_html;
index index.php;
location / {
# try file => folder => JTL-Shop3 Search
try_files $uri $uri/ /index.php?q=$uri$args;
}
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# JTL-Shop3 expires for static files
location ~* \.(eot|ttf|woff|css|less)$ {
expires max;
add_header Access-Control-Allow-Origin *;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
access_log off;
log_not_found off;
}
# PHP handler
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_read_timeout 180;
proxy_read_timeout 180;
}
# deny access to hidden files
location ~ /\. {
deny all;
}
}
I am gratefull for every hint on how to solve this problem.

404 error on nginx location directive

I am trying to convert my apache redirection directives to nginx one, for now I have the following directive:
server {
listen 80;
index index.php index.html;
server_name myvisit_head;
root /var/www/mv/head/myvisit/;
access_log /var/log/nginx/myvisit-access.log;
error_log /var/log/nginx/myvisit-error.log;
# Use gzip compression
# gzip_static on; # Uncomment if you compiled Nginx using --with-http_gzip_static_module
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 5;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/$
# error pages
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www;
}
# Deny access to hidden files
location ~* /\.ht {
deny all;
access_log off;
log_not_found off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~* /myvisitv3 {
rewrite /(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ /myvisitv3.php?libAdresse=$3 break;
}
# Pass PHP scripts on to PHP-FPM
include global/php-fpm.conf;
location ~* \.php$ {
try_files $uri /index.php;
fastcgi_index index.php;
fastcgi_pass php5-fpm-sock;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param PHP_VALUE "auto_prepend_file=/var/www/profile/external/header.php \n
auto_append_file=/var/www/profile/external/footer.php";
include /etc/nginx/fastcgi_params;
}
}
but when I try to access the url I get a 404 not found error.
I have tried both with location, request_uri directive but the result is the same
here's my apache rules:
RewriteEngine on
RewriteRule ^(myvisitv3|myvisitV3|myVisitv3|myVisitV3)([-_])(.*).(html|php)$ myvisitv3.php?libAdresse=$3 [L,QSA]
RewriteRule ^(openVisit|openvisit).(html|php)$ openvisitv3.php [L,QSA]
RewriteRule ^(favicon).(ico|png|bmp|jpg)$ web/img/favicon.ico [L,QSA]

These rules use case insensitive matching to spare us the hassle of handling those so many cases.
location ~* /myvisitv3[-_](.*)\.(?:html|php) {
try_files $uri $uri/ /myvisitv3.php?libAdresse=$1;
}
location ~* /openvisit\.(?:html|php)$ {
try_files $uri $uri/ /openvisitv3.php;
}
location ~* /favicon\.(?:ico|png|bmp|jpg)$ {
try_files $uri $uri/ /web/img/favicon.ico;
}

nginx php5-fpm failed (2: No such file or directory)

QUESTION: What am I missing or doing wrong?
I'm trying to migrate fully functional Zend Framework application from Apache2 with mod_php5 to nginx with php5-fpm. I get this kind of errors:
2012/06/27 12:08:04 [error] 1986#0: *1 open() "/var/www/public/sales/live-trials-json" failed (2: No such file or directory), client: *.*.*.*, server: www.mydomain.com, request: "POST /sales/live-trials-json HTTP/1.1", host: "www.mydomain.com", referrer: "https://www.mydomain.com/sales/live-trials"
Here are my configuration files:
a) /etc/nginx/sites-enabled/www
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location = /(favicon.ico|robots.txt) {
access_log off;
log_not_found off;
}
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
location / {
try_files $uri $uri/ /index.php;
}
location ~ /\.ht {
deny all;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}
b) /etc/nginx/fastcgi_params
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param REDIRECT_STATUS 200;
c) /etc/php5/fpm/pool.d/www.conf
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
pm = dynamic
pm.max_children = 20
pm.start_servers = 4
pm.min_spare_servers = 2
pm.max_spare_servers = 6
chdir = /
d) ls -al /var/www
drwxr-xr-x 7 www-data www-data 4096 Jun 27 10:52 application
drwxr-xr-x 5 www-data www-data 4096 Jun 27 10:52 library
drwxr-xr-x 10 www-data www-data 4096 Jun 27 12:05 public
e) nginx -V
nginx version: nginx/1.1.19
TLS SNI support enabled
configure arguments:
--prefix=/etc/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-log-path=/var/log/nginx/access.log
--http-proxy-temp-path=/var/lib/nginx/proxy
--http-scgi-temp-path=/var/lib/nginx/scgi
--http-uwsgi-temp-path=/var/lib/nginx/uwsgi
--lock-path=/var/lock/nginx.lock
--pid-path=/var/run/nginx.pid
--with-debug
--with-http_addition_module
--with-http_dav_module
--with-http_geoip_module
--with-http_gzip_static_module
--with-http_image_filter_module
--with-http_realip_module
--with-http_stub_status_module
--with-http_ssl_module
--with-http_sub_module
--with-http_xslt_module
--with-ipv6
--with-sha1=/usr/include/openssl
--with-md5=/usr/include/openssl
--with-mail
--with-mail_ssl_module
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-auth-pam
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-echo
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-upstream-fair
--add-module=/build/buildd/nginx-1.1.19/debian/modules/nginx-dav-ext-module
f) php -v (this is cli version, but I swear I am running nginx with fpm:)
PHP 5.3.10-1ubuntu3 with Suhosin-Patch (cli) (built: Apr 11 2012 17:25:33)
Copyright (c) 1997-2012 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2012 Zend Technologies

Alright, after long and exhausting struggles, I've managed to figure out this madness. So, I've started everything from scratch and here is what I've learned:
Entire weirdness is somewhere in location ~* ... { ... }, so whoever have better experience, please explain why :-) Meanwhile I'll manage assets and caching on application layer.
My functional configuration file looks like this:
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}
Thanks for trying, especially #sarnold and #sergei-lomakov!

Your nginx configuration is little wrong.
Because agree with your rules, nginx tries to access /var/www/public/sales/live-trials-json
which doesn't exist.
Because I don't know which endpoints your application use, I suggest you to make two nginx locations. First , for all static files (with regexp) create this location:
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
All another queries should be proxied to apache:
location / {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
Make little change with this rule:
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
Of course, you can leave ".ht settings" untouched:
location ~ /\.ht {
deny all;
}
So, Final config will be:
server {
listen 80;
listen 443 default ssl;
server_name www.mydomain.com;
root /var/www/public;
ssl_certificate /etc/nginx/ssl/mydomain.crt;
ssl_certificate_key /etc/nginx/ssl/mydomain.key;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log error;
index index.php index.phtml index.html;
location ~* ^/(favicon.ico|robots.txt)$ {
access_log off;
log_not_found off;
}
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
location ~ /\.ht {
deny all;
}
location / {
fastcgi_pass 127.0.0.1:9000;
# I'm not sure that this setting is needed:
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_intercept_errors on;
include /etc/nginx/fastcgi_params;
}
}

As you noted, your problem is with
location ~* ^.+.(css|js|jpeg|jpg|gif|png|ico|xml) {
access_log off;
expires 30d;
}
This matches your POST uri of /sales/live-trials-json because it hasn't been anchored to the end of the uri path, and . matches any character. This means that '-js' matches. To fix this, you just need to add a \ (to match a literal '.') and a $ (to anchor the match at the end of the uri path):
location ~* \.(css|js|jpeg|jpg|gif|png|ico|xml)$ {
access_log off;
expires 30d;
}