AlexT
Well-known member
Have you tried redefining your fastcgi statements within the protected location block? Just a hunch, but it seems that otherwise your PHP won't be executed.
NGINX
- Thread starter TPerry
- Start date
Have you tried redefining your fastcgi statements within the protected location block? Just a hunch, but it seems that otherwise your PHP won't be executed.
Puntocom
Well-known member
This is my config: http://xenforo.com/community/resources/nginx-ssl-configuration-for-xenforo.2252/
I just added that code at the end before the }
Do you mean that I should include that code into the location / { } block ?
I just added that code at the end before the }
Do you mean that I should include that code into the location / { } block ?
TPerry
Well-known member
Outside (above) the location / block
Code:
location ~/admin\.php$ {
auth_basic "Administrator Login";
auth_basic_user_file /path/to/your/htacess.pwd.file;
root /path/to/your/root/directory;
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}You can even take it further and allow only certain IP's to connect to it by the allow/deny option.
Last edited:
Puntocom
Well-known member
Thank you. I have to modify it a little, so my config is:
Code:
location ~/admin\.php$ {
auth_basic "Administrator Login";
auth_basic_user_file /path/to/htpasswd;
root /var/www/example.com;
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
include fastcgi_params;
}AlexT
Well-known member
Looks OK; only, unless you have a good reason to do so (such as overwriting your default root), you shouldn't use root within location. See http://wiki.nginx.org/Pitfalls#Root_inside_Location_Block.
Floren
Well-known member
Why do you use a regex? Also, root and fastcgi_index are useless there.
I am amazed when I see the configurations posted into previous posts. Do you guys take the time to read the Nginx documentation or just Google it and paste no matter what you feel like into your files? Please, START reading the documentation (the real one, not the wiki.nginx.org), 99% of configurations posted on Internet are simply insane! Igor took the time to write the documentation with clear examples, I have no idea why nobody is following his excellent guidelines. Here a simple setup I posted awhile ago, to get you started:
https://www.axivo.com/community/threads/basic-nginx-configuration-file.128/
Start from there and add settings to your config files AFTER you read what they do!
Edit: Don't ask me what is the correct configuration for admin.php, because I will not post it. The only way you will learn to configure properly Nginx is by reading the documentation. What fits on your server configuration, it will never fit on mines... or viceversa. That is why you need to start from scratch and LEARN everything. Nginx configuration is unique for every site, copy/paste from Google won't cut it. If you don't want to learn, then you should stick with Apache.
Example of Nginx insanity, turned into sanity:
http://xenforo.com/community/threads/apache-to-nginx-rewrite-rule.56970/
Last edited:
TPerry
Well-known member
because they are defined totally out of the location / area and I found that it did not reliably work without it. Simple enough?
And I used a regex because I was seeing if it would work (which it does) since I'm trying to become more familiar with them.
Actually, mine are working just fine thank you.
Floren
Well-known member
Defining a custom location outside / that needs specific conditions is the right approach, you are NOT supposed to define it inside /. Also, Nginx parses the configuration file entirely at start, so placing something above or below root location won't matter. This:
Code:
location /forum {
# some configuration
}
location / {
# default configuration
}
Code:
location / {
# default configuration
}
location /forum {
# some configuration
}For your knowledge, regular expressions are tested sequentially and therefore are the slowest method and non-scalable (searching wildcard names hash table is slower than searching exact names hash table). In other words, you should avoid them as much as possible. In your case, you already know the exact file location:
Code:
location / {
# default configuration
}
location = /admin.php {
# some configuration
}Saying "is working" is not equal to producing efficient/correct results.
AlexT
Well-known member
Yes sir. Amen.
TPerry
Well-known member
Because --- using your provided example results in the below when you try to go to the admin.php page. As they say... a picture is worth a thousand words.
Placing the
Code:
try_files $uri =404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;I do the same thing with my phpmyadmin since I have a symbolic link to it by another name (beats those that are trying /phpmyadmin access - you have to know the off the wall symbolic link name I have).
Last edited:
TPerry
Well-known member
I'm fully aware of the sequential reading... and that is why I place a higher priority on the admin.php... personal preference. Apparently you didn't key in on the "ABOVE the base location" statement I made. Since it reads it sequentially - it's not defined for the fastcgi process for that location statement - ergo - it has to be defined IN it.
Floren
Well-known member
I apologize, I probably misunderstand what are you referring to. Are you referring to defining the fastcgi params into a specific .php location? In that case, yes, you need to define them inside, like I posted into my basic Nginx configuration. What I was trying to highlight is the illogical use of regex for an exact location, as well other parameters that are omitted or added without a clear understanding what they do. Also, there is no such thing as "higher priority" in Nginx.
https://www.axivo.com/community/admin.php
Works for me?Because --- using your provided example results in the below when you try to go to the admin.php page. As they say... a picture is worth a thousand words.
https://www.axivo.com/community/admin.php
TPerry
Well-known member
What I am referring to is I have seen people define locations within the base location / directive. I don't like to do that (as for me it can get to be a little tedious keeping up with the different segments). It's just easier for me to keep it outside - and yes, the fastcgi is what I was referring to. Agreed with the regex - and since I found that it did work I just left it at that. If you know the exact file name then that is always better - I have 13 vhosts defined over 3 servers and 1 VPS and I happened to grab the one that I had open in the SSH window (which is where I was playing with the regex structure). I think we were talking from two different ends... When I posted that I was in the middle of a BO2 game trying to get my 9th bloodthirsty on the M1216.
Floren
Well-known member
Thank you for explaining, you are absolutely right.
To complete your explanation, the / should be used as a global start, more exactly what needs to happen on every single Nginx action/call. Then you branch out specific actions, for different locations.
Wrong:
Code:
location / {
location /alpha {
}
}
Code:
location / {
}
location /alpha {
}
Code:
location / {
}
location /alpha {
location /alpha/beta {
}
location /alpha/gamma {
}
}This is a perfect example of a very bad configuration:
Code:
location /forum {
try_files $uri $uri/ /forum/index.php?$uri&$args;
}
location ~ /forum/(internal_data|library) {
internal;
}
Code:
location /forum {
try_files $uri $uri/ /forum/index.php?$uri&$args;
location /forum/internal_data {
internal;
}
location /forum/library {
internal;
}
}
Code:
location /forum {
try_files $uri $uri/ /forum/index.php?$uri&$args;
}
location /forum/data {
location ~ \.html$ {
internal;
}
internal;
}
location /forum/internal_data {
location ~ \.(data|html|php)$ {
internal;
}
internal;
}
location /forum/install {
location ~ \.(css|php|xml)$ {
internal;
}
internal;
}
location /forum/library {
location ~ \.(default|html|php|txt|xml)$ {
internal;
}
internal;
}https://www.axivo.com/community/library/config.php
Yet, we all know the config file exists.
Hopefully, these examples will help other people understand how important is NOT copy/paste from Internet and rather read the Nginx documentation. DO NOT copy/paste the above configurations, instead try to understand the logic and apply it to your setup.
Last edited:
Floren
Well-known member
I only use TCP. I noticed some unpredictable issues when I combine TCP with a socket, or socket alone.
p4guru
Well-known member
Proper configuration:
Or, if you really want to have it done the proper way (which I use now):Code:location /forum { try_files $uri $uri/ /forum/index.php?$uri&$args; location /forum/internal_data { internal; } location /forum/library { internal; } }
Result:Code:location /forum { try_files $uri $uri/ /forum/index.php?$uri&$args; } location /forum/data { location ~ \.html$ { internal; } internal; } location /forum/internal_data { location ~ \.(data|html|php)$ { internal; } internal; } location /forum/install { location ~ \.(css|php|xml)$ { internal; } internal; } location /forum/library { location ~ \.(default|html|php|txt|xml)$ { internal; } internal; }
https://www.axivo.com/community/library/config.php
Yet, we all know the config file exists.
Hopefully, these examples will help other people understand how important is NOT copy/paste from Internet and rather read the Nginx documentation. DO NOT copy/paste the above configurations, instead try to understand the logic and apply it to your setup.
Interesting indeed.. can you point me to the specific location in Nginx documentation this is mentioned, can't seem to find it ?
specifically for
Code:
location /forum {
try_files $uri $uri/ /forum/index.php?$uri&$args;
location /forum/internal_data {
internal;
}
location /forum/library {
internal;
}
}p4guru
Well-known member
Ah found some of it at http://nginx.org/en/docs/http/server_names.html#optimization
minus any illustrative example as Floren outlined
minus any illustrative example as Floren outlined
Floren
Well-known member
The documentation is here:Ah found some of it at http://nginx.org/en/docs/http/server_names.html#optimization
minus any illustrative example as Floren outlined
http://nginx.org/en/docs/
Start reading on the http core module, more exactly location. Everything is very well explained.
Similar threads
- Question