Learn about Centmin Mod LEMP Stack today
Register Now

Drupal help drupal nginx config

Discussion in 'Blogs & CMS usage' started by hardousse, Feb 14, 2016.

  1. hardousse

    hardousse Member

    84
    25
    18
    Dec 15, 2015
    Sweden
    Ratings:
    +37
    Local Time:
    1:37 PM
    1.11.*
    10.1*
    hi
    i want install Drupal site with centmin setup can anyone have working nginx config for drupal to work correctly.
    Drupal version 7.4
    thank you
     
  2. eva2000

    eva2000 Administrator Staff Member

    30,160
    6,784
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,135
    Local Time:
    8:37 PM
    Nginx 1.13.x
    MariaDB 5.5
  3. VinCent

    VinCent New Member

    3
    3
    3
    Feb 8, 2016
    Ratings:
    +3
    Local Time:
    6:37 AM
    1.9
    5
    I responded but this Forum policy forced me to create a new thread in the "Introduction" section first, so I put everything there. Try search
     
    • Like Like x 1
  4. VinCent

    VinCent New Member

    3
    3
    3
    Feb 8, 2016
    Ratings:
    +3
    Local Time:
    6:37 AM
    1.9
    5
    Modufy /usr/local/nginx/conf/conf.d/EXAMPLE.COM.conf
    for Drupal 7:
    Code:
    # Centmin Mod Getting Started Guide
    #server {
    #  listen  80;
    #  server_name d7.local;
    #  return 301 $scheme://www.d7.local$request_uri;
    #  }
    
    server {
      server_name d7.local www.d7.local;
    
      access_log /home/nginx/domains/d7.local/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/d7.local/log/error.log;
    
      root /home/nginx/domains/d7.local/public;
    
      # prevent access to ./directories and files
      location ~ (?:^|/)\. {
      deny all;
      }
    
      location / {
    
    # This is added - our primary location block.
    
      index index.php;
      try_files $uri $uri/ @rewrite;
      expires max;
      }
    
      # This matters if you use drush
    location = /backup {
    deny all;
    }
      # Very rarely should these ever be accessed outside of your lan
    location ~* \.(txt|log)$ {
    allow 127.0.0.1;
    deny all;
    }
     
    # This location block protects against a known attack.
    location ~ \..*/.*\.php$ {
    return 403;
    }
     
    # This will rewrite our request from domain.com/node/1/ to domain.com/index.php?q=node/1
    
    location @rewrite {
    rewrite ^/(.*)$ /index.php?q=$1;
    }
    # image should never be a directory. So there's no point in wasting a
    # stat to serve it that way.
      location ~ ^/sites/.*/files/imagecache/ {
      try_files $uri @rewrite;
      }
    # We're serving a static file that ends with one of the following extensions
      location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
      expires max;
      log_not_found off;
      }
     
    
      include  /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    In case you will need Drupal 8:
    Code:
    # Centmin Mod Getting Started Guide
    # must read [URL='http://centminmod.com/getstarted.html']Getting Started Guide - CentminMod.com LEMP Nginx web stack for CentOS[/URL]
    
    server {
      server_name d8.local www.d8.local;
    
      access_log /home/nginx/domains/d8.local/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/d8.local/log/error.log;
    
      root /home/nginx/domains/d8.local/public;
      index index.php index.html index.htm;
    
    # Very rarely should these ever be accessed outside of your lan
      location ~* \.(txt|log)$ {
      allow 192.168.0.36;
      deny all;
      }
    
      location ~ \..*/.*\.php$ {
      return 403;
      }
    
      location ~ ^/sites/.*/private/ {
      return 403;
      }
    
      # Block access to "hidden" files and directories - names begin with a dot
    
      location ~ (^|/)\. {
      return 403;
      }
    
      location / {
      # try_files $uri @rewrite; # For Drupal <= 6
      try_files $uri /index.php?$query_string; # For Drupal >= 7
      }
    
      location @rewrite {
      rewrite ^/(.*)$ /index.php?q=$1;
      }
    
    
      # Fighting with Styles? This little gem is amazing.
      # location ~ ^/sites/.*/files/imagecache/ { # For Drupal <= 6
      location ~ ^/sites/.*/files/styles/ { # For Drpal >= 7
      try_files $uri @rewrite;
      }
    
      location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
      expires max;
      log_not_found off;
      }
    
      include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    Success!
     
    Last edited by a moderator: Feb 23, 2016
    • Like Like x 1
  5. eva2000

    eva2000 Administrator Staff Member

    30,160
    6,784
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,135
    Local Time:
    8:37 PM
    Nginx 1.13.x
    MariaDB 5.5
  6. hardousse

    hardousse Member

    84
    25
    18
    Dec 15, 2015
    Sweden
    Ratings:
    +37
    Local Time:
    1:37 PM
    1.11.*
    10.1*
    @VinCent thank you so much for your code and your help....
     
    • Agree Agree x 1
  7. hardousse

    hardousse Member

    84
    25
    18
    Dec 15, 2015
    Sweden
    Ratings:
    +37
    Local Time:
    1:37 PM
    1.11.*
    10.1*
    @VinCent still one problem its about clean url all time test failed?any soltuion please
     
  8. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    5:37 PM
    1.7.9
    5.5
    I've got this working, but of course please correct me if something wrong

    Its works for Drupal 6 & 7 and non SSL site - Just replace mydomain.tld with your domain
    mydomain.tld.conf
    Code:
    # This is for redirect www to no www
    server {
       server_name www.mydomain.tld;
        return 301 http://mydomain.tld$request_uri;
    }
    server {
            server_name mydomain.tld;
            root /home/nginx/domains/mydomain.tld/public;
    # ngx_pagespeed & ngx_pagespeed handler include /usr/local/nginx/conf/pagespeed.conf; include
    # /usr/local/nginx/conf/pagespeedhandler.conf; include /usr/local/nginx/conf/pagespeedstatslog.conf;
            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }
            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }
            # This matters if you use drush
            location = /backup {
                    deny all;
            }
            # Very rarely should these ever be accessed outside of your lan
            location ~* \.(txt|log)$ {
                    allow 192.168.0.0/16;
                    deny all;
            }
            location ~ \..*/.*\.php$ {
                    return 403;
            }
            location / {
                    # This is cool because no php is touched for static content
                    try_files $uri @rewrite;
            }
            location @rewrite {
                    # Some modules enforce no slash (/) at the end of the URL Else this rewrite block wouldn't be needed
                    # (GlobalRedirect)
                    rewrite ^/(.*)$ /index.php?q=$1;
            }
            location @rewrite {
                    # Drupal in a subdirectory
                    rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
            }
            location ~ \.php$ {
                    error_page 418 = @rewrite;
                    recursive_error_pages on;
                    fastcgi_split_path_info ^[^=](.+\.php)(/.+)$;
                    include fastcgi_params;
                    if ( $uri = /index.php ) {
                            # not sure this conditional works, will have to check the debug logs
                            break;
                    }
                    if ( !-e $document_root$fastcgi_script_name) {
                            return 418;
                    }
                    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    #fastcgi_intercept_errors on; fastcgi_read_timeout 240;
                    fastcgi_pass 127.0.0.1:9000;
            }
            # Fighting with ImageCache? This little gem is amazing.
            location ~ ^/sites/.*/files/imagecache/ {
                    try_files $uri @rewrite;
            }
            # Catch image styles for D7 too.
            location ~ ^/sites/.*/files/styles/ {
                    try_files $uri @rewrite;
            }
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }
    }
    
     
    • Informative Informative x 1
  9. eva2000

    eva2000 Administrator Staff Member

    30,160
    6,784
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +10,135
    Local Time:
    8:37 PM
    Nginx 1.13.x
    MariaDB 5.5
    moved your post to more appropriate thread

    as to drupal config, i wouldn't know myself as I don't use drupal

    these aren't formatted correctly though
    Code (Text):
    # ngx_pagespeed & ngx_pagespeed handler include /usr/local/nginx/conf/pagespeed.conf; include
    # /usr/local/nginx/conf/pagespeedhandler.conf; include /usr/local/nginx/conf/pagespeedstatslog.conf;


    should be
    Code (Text):
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
     
  10. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    5:37 PM
    1.7.9
    5.5
    For SSL sites - there are 2 conf: mydomain.tld.conf and mydomain.tld.ssl.conf

    This is mydomain.tld.conf - Just replace mydomain.tld with your domain & myIP with your IP
    Code:
    # redirect to https and also www to non www
    server {
             listen myIP:80;
            server_name mydomain wwww.mydomain;
            return 301 https://mydomain$request_uri;
            root /home/nginx/domains/mydomain/public;
    # ngx_pagespeed & ngx_pagespeed handler include /usr/local/nginx/conf/pagespeed.conf; include
    # /usr/local/nginx/conf/pagespeedhandler.conf; include /usr/local/nginx/conf/pagespeedstatslog.conf;
            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }
            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }
            # This matters if you use drush
            location = /backup {
                    deny all;
            }
            # Very rarely should these ever be accessed outside of your lan
            location ~* \.(txt|log)$ {
                    allow 192.168.0.0/16;
                    deny all;
            }
            location ~ \..*/.*\.php$ {
                    return 403;
            }
            location / {
                    # This is cool because no php is touched for static content
                    try_files $uri @rewrite;
            }
            location @rewrite {
                    # Some modules enforce no slash (/) at the end of the URL Else this rewrite block wouldn't be needed
                    # (GlobalRedirect)
                    rewrite ^/(.*)$ /index.php?q=$1;
            }
            location @rewrite {
                    # Drupal in a subdirectory
                    rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
            }
            location ~ \.php$ {
                    error_page 418 = @rewrite;
                    recursive_error_pages on;
                    fastcgi_split_path_info ^[^=](.+\.php)(/.+)$;
                    include fastcgi_params;
                    if ( $uri = /index.php ) {
                            # not sure this conditional works, will have to check the debug logs
                            break;
                    }
                    if ( !-e $document_root$fastcgi_script_name) {
                            return 418;
                    }
                    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    #fastcgi_intercept_errors on; fastcgi_read_timeout 240;
                    fastcgi_pass 127.0.0.1:9000;
            }
            # Fighting with ImageCache? This little gem is amazing.
            location ~ ^/sites/.*/files/imagecache/ {
                    try_files $uri @rewrite;
            }
            # Catch image styles for D7 too.
            location ~ ^/sites/.*/files/styles/ {
                    try_files $uri @rewrite;
            }
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }
    }
    
    mydomain.tld.ssl.conf
    Code:
    # redirect from www to non-www  forced SSL
    server {
       server_name www.mydomain.tld;
        return 301 https://mydomain.tld$request_uri;
    }
    
    server {
      listen myIP:443 ssl http2;
      server_name mydomain.tld;
      root /home/nginx/domains/mydomain.tld/public;
      access_log /home/nginx/domains/mydomain.tld/log/access.log combined buffer=256k flush=60m;
      error_log /home/nginx/domains/mydomain.tld/log/error.log;
    
      ssl_dhparam /usr/local/nginx/conf/ssl/mydomain.tld/dhparam.pem;
      ssl_certificate      /usr/local/nginx/conf/ssl/mydomain.tld/webtivia_unified.crt;
      ssl_certificate_key  /usr/local/nginx/conf/ssl/mydomain.tld/webtivia.key;
      include /usr/local/nginx/conf/ssl_include.conf;
    
      # mozilla recommended
      ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
      ssl_prefer_server_ciphers   on;
      #add_header Alternate-Protocol  443:npn-spdy/3;
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header  X-Content-Type-Options "nosniff";
      #add_header X-Frame-Options DENY;
      #spdy_headers_comp 5;
      ssl_buffer_size 1400;
      ssl_session_tickets on;
     
      # enable ocsp stapling
      #resolver 8.8.8.8 8.8.4.4 valid=10m;
      #resolver_timeout 10s;
      #ssl_stapling on;
      #ssl_stapling_verify on;
      ssl_trusted_certificate /usr/local/nginx/conf/ssl/mydomain.tld/webtivia_trusted.crt;
    # ngx_pagespeed & ngx_pagespeed handler
    # include /usr/local/nginx/conf/pagespeed.conf;
    # include /usr/local/nginx/conf/pagespeedhandler.conf;
    # include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
    # limit_conn limit_per_ip 16;
      # ssi  on;
    
            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }
            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }
            # This matters if you use drush
            location = /backup {
                    deny all;
            }
            # Very rarely should these ever be accessed outside of your lan
            location ~* \.(txt|log)$ {
                    allow 192.168.0.0/16;
                    deny all;
            }
            location ~ \..*/.*\.php$ {
                    return 403;
            }
            location / {
                    # This is cool because no php is touched for static content
                    try_files $uri @rewrite;
            }
            location @rewrite {
                    # Some modules enforce no slash (/) at the end of the URL
                    # Else this rewrite block wouldn't be needed (GlobalRedirect)
                    rewrite ^/(.*)$ /index.php?q=$1;
            }
    
            location @rewrite {
                    # Drupal in a subdirectory
                    rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
            }
            location ~ \.php$ {
                    error_page 418 = @rewrite;
                    recursive_error_pages on;
                    fastcgi_split_path_info ^[^=](.+\.php)(/.+)$;
                    include fastcgi_params;
                    if ( $uri = /index.php ) {
                            # not sure this conditional works, will have to check the debug logs
                            break;
                    }
                    if ( !-e $document_root$fastcgi_script_name) {
                            return 418;
                    }
                    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    #fastcgi_intercept_errors on;
                    #fastcgi_read_timeout 240;
                    fastcgi_pass  127.0.0.1:9000;
            }
            # Fighting with ImageCache? This little gem is amazing.
            location ~ ^/sites/.*/files/imagecache/ {
                    try_files $uri @rewrite;
            }
            # Catch image styles for D7 too.
            location ~ ^/sites/.*/files/styles/ {
                    try_files $uri @rewrite;
            }
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }
    }
    
     
    • Like Like x 1
    • Informative Informative x 1
  11. nVidian

    nVidian Member

    85
    8
    8
    Mar 16, 2015
    Ratings:
    +23
    Local Time:
    5:37 PM
    1.7.9
    5.5
    This is for NON SSL site

    mydomain.tld.conf
    Code:
    # This is for redirect www to no www
    server {
       server_name www.mydomain.tld;
        return 301 http://mydomain.tld$request_uri;
    }
    server {
            server_name mydomain.tld;
            root /home/nginx/domains/mydomain.tld/public;
    # ngx_pagespeed & ngx_pagespeed handler include /usr/local/nginx/conf/pagespeed.conf; include
    # /usr/local/nginx/conf/pagespeedhandler.conf; include /usr/local/nginx/conf/pagespeedstatslog.conf;
            location = /favicon.ico {
                    log_not_found off;
                    access_log off;
            }
            location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
            }
            # This matters if you use drush
            location = /backup {
                    deny all;
            }
            # Very rarely should these ever be accessed outside of your lan
            location ~* \.(txt|log)$ {
                    allow 192.168.0.0/16;
                    deny all;
            }
            location ~ \..*/.*\.php$ {
                    return 403;
            }
            location / {
                    # This is cool because no php is touched for static content
                    try_files $uri @rewrite;
            }
            location @rewrite {
                    # Some modules enforce no slash (/) at the end of the URL Else this rewrite block wouldn't be needed
                    # (GlobalRedirect)
                    rewrite ^/(.*)$ /index.php?q=$1;
            }
            location @rewrite {
                    # Drupal in a subdirectory
                    rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
            }
            location ~ \.php$ {
                    error_page 418 = @rewrite;
                    recursive_error_pages on;
                    fastcgi_split_path_info ^[^=](.+\.php)(/.+)$;
                    include fastcgi_params;
                    if ( $uri = /index.php ) {
                            # not sure this conditional works, will have to check the debug logs
                            break;
                    }
                    if ( !-e $document_root$fastcgi_script_name) {
                            return 418;
                    }
                    #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    #fastcgi_intercept_errors on; fastcgi_read_timeout 240;
                    fastcgi_pass 127.0.0.1:9000;
            }
            # Fighting with ImageCache? This little gem is amazing.
            location ~ ^/sites/.*/files/imagecache/ {
                    try_files $uri @rewrite;
            }
            # Catch image styles for D7 too.
            location ~ ^/sites/.*/files/styles/ {
                    try_files $uri @rewrite;
            }
            location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                    expires max;
                    log_not_found off;
            }
    }
    
     
    • Like Like x 1
    • Informative Informative x 1
  12. hardousse

    hardousse Member

    84
    25
    18
    Dec 15, 2015
    Sweden
    Ratings:
    +37
    Local Time:
    1:37 PM
    1.11.*
    10.1*
    thanks for all help evreythink work ok..
     
    • Like Like x 1