Reputation: 6467
Nginx configuration not working
I've just switched from Apache to nginx and it still takes some getting used to (and a lot of learning).
I'm running a Pagekit website which has this configuration: https://gist.github.com/DarrylDias/be8955970f4b37fdd682
server {
listen 80;
listen [::]:80;
# SSL configuration
listen 443 ssl;
listen [::]:443 ssl;
ssl on;
ssl_certificate /etc/ssl/private/mydomain.com.crt;
ssl_certificate_key /etc/ssl/private/mydomain.com.private.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_client_certificate /etc/ssl/private/cloudflare.origin-pull-ca.pem;
ssl_verify_client on;
server_name mydomain.com www.mydomain.com;
root /home/vhosts/domains/mydomain.com/public/;
index index.php;
# Leverage browser caching of media files for 30 days
location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|woff)\$ {
access_log off;
expires 30d;
add_header Pragma public;
add_header Cache-Control "public, mustrevalidate, proxy-revalidate";
}
location / {
try_files $uri $uri/ /index.php?$args;
}
# Deny access to sensitive folders
location ~* /(app|packages|storage|tmp)/.*$ {
return 403;
}
# Deny access to files with the following extensions
location ~* \.(db|json|lock|dist|md)$ {
return 403;
}
# Deny access to following files
location ~ /(config.php|pagekit|composer.lock|composer.json|LICENSE|\.htaccess) {
return 403;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php7-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param HTTP_MOD_REWRITE On;
}
}
Unforunately, many (including me) have the issue that files with extensions such as js|css|jpg|<etc> are getting a 403 response because they're located inside either the app or packages directory.
I've attempted multiple regexes to try and give the location for these files a higher priority in nginx, but they seemed to have no effect.
How should this config file be changed in order to allow these kind of files, but still return a 403 on all other files inside those directories?
EDIT: the file URL's look like https://example.com/app/js/something.min.js?v=1921 perhaps it doesn't work because of the ?v=1921 ?
Upvotes: 0
Views: 1263
Answers (1)
Reputation: 6438
According to nginx's document:
nginx checks locations given by regular expression in the order listed in the configuration file
So first you need to move your last location to the top.
Then the regular expression that tries to match static files is also incorrect. The dollar sign "$" should match the end of path but it was escaped by a prior backslash "\" (so it actually matches a character "$"). Remove the backslash will fix your issue:
location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|woff)$ {
...
}
Upvotes: 2
Related Questions
- Nginx not working on port 80
- What is wrong with my nginx.conf?
- Why nginx gives error 404 not found when i created a new configuration file?
- nginx ignores my site configuration
- NGINX config not working
- nginx setup does not work
- Nginx configuration not updating for browser
- Nginx does not read my config file
- NGINX Config PHP Trouble
- Problems with nginx.conf