Hello guys, I was trying to do something simple, show a random image for an specific URL. The URL https://rayduxz.cl/avatar/dynamic.jpg should display a random image (2 at the moment). What it does its the following: Code: if ($request_uri ~* "^/avatar/dynamic.php") { set $skip_cache 1; } location ~* ^/avatar/dynamic.jpg { set $skip_cache 1; try_files $uri /avatar/dynamic.php; } I'm running Redis cache so I skip the cache for those. The PHP is the following one: Spoiler: PHP code Code: <?php $sigImage = array("avatar1.jpg", "avatar2.jpg"); $sigIndex = rand(0, count($sigImage)-1); $sigImage = $sigImage[$sigIndex]; $imageExt = explode(".", $sigImage); if(strtolower($imageExt[1]) == "jpg"){ $image = imagecreatefromjpeg($sigImage); }elseif(strtolower($imageExt[1]) == "png"){ $image = imagecreatefrompng($sigImage); }else{ die("Unsupported filetype!"); } header('Content-type: image/jpeg'); imagejpeg($image, NULL, 100); imagedestroy($image); ?> The problem is that "dynamic.jpg" is apparently getting cached and it doesn't changes, but if you go directly to the PHP at https://rayduxz.cl/avatar/dynamic.php its working fine. Any ideas of what it could be? I tried adding "expires off;" at "location ~* ^/avatar/dynamic.jpg" but its still the same.
Centmin Mod default static files include file at /usr/local/nginx/conf/staticfiles.conf handles image extension files via Nginx. You may need to comment out or adjust that You can also use SSH command shortcut below to launch nano linux text editor and edit file /usr/local/nginx/conf/staticfiles.conf Code: statfilesinc or maybe break it out of static location match Code (Text): location ~* ^/avatar { location ~* ^/(avatar/dynamic.jpg) { set $skip_cache 1; expires off; try_files $uri /avatar/dynamic.php; } }
Mmh... Your code makes the "dynamic.php" and "dynamic.jpg" to show the source code instead (both gets "dynamic.php" downloaded). I tried with: Code: if ($request_uri ~* "^/avatar/dynamic.php") { set $skip_cache 1; } location ~* ^/avatar/dynamic.jpg { set $skip_cache 1; expires off; try_files $uri /avatar/dynamic.php; } And commented out "include /usr/local/nginx/conf/staticfiles-hsts.conf". Still the same, "dynamic.jpg" shows always the same image but "dynamic.php" changes.
Oh add the php.conf include file too Code (Text): location ~* ^/avatar { location ~* ^/(avatar/dynamic.jpg) { include /usr/local/nginx/conf/php.conf; set $skip_cache 1; expires off; try_files $uri /avatar/dynamic.php; } }
Weird, I actually tried that but with "php-rediscache.conf" and it didn't work, now the "dynamic.jpg" shows the image but it still always the same for me. Could you please try and tell me if it changes for you? https://rayduxz.cl/avatar/dynamic.jpg
I'm behind CloudFlare but I got a rule to bypass cache, perfomance and apps for anything under /avatar/*
still getting cached HTTP Header Check with an online CURL tool Code (Text): HTTP/1.1 200 OK Date: Fri, 11 Nov 2016 16:06:32 GMT Content-Type: application/octet-stream Content-Length: 569 Connection: keep-alive Set-Cookie: __cfduid=d893683a0550774332227bcda547b47781478880392; expires=Sat, 11-Nov-17 16:06:32 GMT; path=/; domain=.rayduxz.cl; HttpOnly Last-Modified: Thu, 10 Nov 2016 23:39:57 GMT ETag: "5825054d-239" X-Powered-By: centminmod Strict-Transport-Security: max-age=31536000; CF-Cache-Status: HIT Expires: Fri, 11 Nov 2016 20:06:32 GMT Cache-Control: public, max-age=14400 Accept-Ranges: bytes Server: cloudflare-nginx CF-RAY: 3002fdf3e88f2180-EWR
Okay, cache and CloudFlare is starting to get me upset haha. CloudFlare rule: Spoiler: HTTP Response Header Code: HTTP/1.1 200 OK Date: Fri, 11 Nov 2016 16:48:47 GMT Content-Type: application/octet-stream Content-Length: 569 Connection: keep-alive Set-Cookie: __cfduid=dd716a572ff696baedd15c65af65a342e1478882926; expires=Sat, 11-Nov-17 16:48:46 GMT; path=/; domain=.rayduxz.cl; HttpOnly Last-Modified: Thu, 10 Nov 2016 23:39:57 GMT ETag: "5825054d-239" X-Powered-By: centminmod Strict-Transport-Security: max-age=31536000; Accept-Ranges: bytes Server: cloudflare-nginx CF-RAY: 30033bd4bd7f21ce-EWR Spoiler: Complete .conf file Code: # Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # For SPDY SSL Setup # read http://centminmod.com/nginx_configure_https_ssl_spdy.html map $http_host $blogid { default 0; include /home/nginx/domains/rayduxz.cl/public/wp-content/uploads/nginx-helper/map.conf; } server { listen 10.0.0.77:443 ssl http2; server_name rayduxz.cl www.rayduxz.cl rayduxz.com www.rayduxz.com; ssl_dhparam /usr/local/nginx/conf/ssl/rayduxz.cl/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl.key; include /usr/local/nginx/conf/ssl_include.conf; # mozilla recommended ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA; ssl_prefer_server_ciphers on; #####add_header Alternate-Protocol 443:npn-spdy/3; # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains. # You'd want to include subdomains if you're using SSL wildcard certificates # include subdomain #add_header Public-Key-Pins 'pin-sha256="rekgpRzoLu70AcpIym0CNxxnlacJA6/59iJ+MiSAnGU="; pin-sha256="HDZ1iBAAlXg1TvjW3Ciw0hBXXy47n9x2h+LbOm4riRc="; max-age=86400; includeSubDomains'; # exclude subdomains #add_header Public-Key-Pins 'pin-sha256="rekgpRzoLu70AcpIym0CNxxnlacJA6/59iJ+MiSAnGU="; pin-sha256="HDZ1iBAAlXg1TvjW3Ciw0hBXXy47n9x2h+LbOm4riRc="; max-age=86400'; add_header Strict-Transport-Security "max-age=31536000;"; #add_header X-Frame-Options SAMEORIGIN; #add_header X-Xss-Protection "1; mode=block" always; #add_header X-Content-Type-Options "nosniff" always; #####spdy_headers_comp 5; ssl_buffer_size 1400; ssl_session_tickets on; # enable ocsp stapling #resolver 8.8.8.8 8.8.4.4 valid=10m; #resolver_timeout 10s; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl-trusted.crt; # ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; #add_header X-Frame-Options SAMEORIGIN; #add_header X-Xss-Protection "1; mode=block" always; #add_header X-Content-Type-Options "nosniff" always; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/rayduxz.cl/log/access.log combined buffer=256k flush=60m; error_log /home/nginx/domains/rayduxz.cl/log/error.log; root /home/nginx/domains/rayduxz.cl/public; # uncomment cloudflare.conf include if using cloudflare for # server and/or vhost site include /usr/local/nginx/conf/cloudflare.conf; #include /usr/local/nginx/conf/503include-main.conf; # prevent access to ./directories and files location ~ (?:^|/)\. { deny all; } #include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpcacheenabler_rayduxz.cl.conf; #include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpsupercache_rayduxz.cl.conf; # https://community.centminmod.com/posts/18828/ include /usr/local/nginx/conf/wpincludes/rayduxz.cl/rediscache_rayduxz.cl.conf; if ($request_uri ~* "^/ts3/banner.php") { set $skip_cache 1; } location / { include /usr/local/nginx/conf/503include-only.conf; # Enables directory listings when index file not found #autoindex on; # for wordpress super cache plugin #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args; # for wp cache enabler plugin #try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args; # Wordpress Permalinks #try_files $uri $uri/ /index.php?q=$uri&$args; # Nginx level redis Wordpress # https://community.centminmod.com/posts/18828/ try_files $uri $uri/ /index.php$is_args$args; } ### MULTISITE location ~ ^/[_0-9a-zA-Z-]+/files/(.*)$ { try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ; access_log off; log_not_found off; expires max; } #avoid php readfile() location ^~ /blogs.dir { internal; alias /var/www/example.com/htdocs/wp-content/blogs.dir ; access_log off; log_not_found off; expires max; } # Rewrite multisite '.../wp-.*' and '.../*.php'. if (!-e $request_filename) { rewrite /wp-admin$ $scheme://$host$uri/ permanent; rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last; rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last; } ### MULTISITE END location ~* /(wp-login\.php) { limit_req zone=xwplogin burst=1 nodelay; #limit_conn xwpconlimit 30; auth_basic "Private"; #auth_basic_user_file /home/nginx/domains/rayduxz.cl/htpasswd_wplogin; #include /usr/local/nginx/conf/php-wpsc.conf; # https://community.centminmod.com/posts/18828/ include /usr/local/nginx/conf/php-rediscache.conf; } location ~* /(xmlrpc\.php) { limit_req zone=xwprpc burst=45 nodelay; #limit_conn xwpconlimit 30; #include /usr/local/nginx/conf/php-wpsc.conf; # https://community.centminmod.com/posts/18828/ include /usr/local/nginx/conf/php-rediscache.conf; } location ~* ^/avatar { location ~* ^/(avatar/dynamic.jpg) { include /usr/local/nginx/conf/php.conf; set $skip_cache 1; expires off; try_files $uri /avatar/dynamic.php; } } include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpsecure_rayduxz.cl.conf; #include /usr/local/nginx/conf/php-wpsc.conf; # https://community.centminmod.com/posts/18828/ include /usr/local/nginx/conf/php-rediscache.conf; #include /usr/local/nginx/conf/staticfiles.conf; #include /usr/local/nginx/conf/staticfiles-hsts.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; } And now "dynamic.jpg" shows the source of "dynamic.php". I don't even know anymore
Alright, fair enough. What about a fresh generated vhost? "avatar.rayduxz.cl" CloudFlare rule: Spoiler: Fresh virtual host .conf with your nginx script Code: # Centmin Mod Getting Started Guide # must read http://centminmod.com/getstarted.html # For SPDY SSL Setup # read http://centminmod.com/nginx_configure_https_ssl_spdy.html server { listen 10.0.0.77:443 ssl http2; server_name avatar.rayduxz.cl; ssl_dhparam /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/dhparam.pem; ssl_certificate /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl.crt; ssl_certificate_key /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl.key; include /usr/local/nginx/conf/ssl_include.conf; http2_max_field_size 16k; http2_max_header_size 32k; # mozilla recommended ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA; ssl_prefer_server_ciphers on; #add_header Alternate-Protocol 443:npn-spdy/3; # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains. # You'd want to include subdomains if you're using SSL wildcard certificates # include subdomain #add_header Public-Key-Pins 'pin-sha256="9lctBJeXkOc53B98vfLoPkOzxXDzwaFrJVDIy0YUZKQ="; pin-sha256="chLE/72yrgm5CtgpJhbufkrBOR6qW2mZoc2Fp7Peio8="; max-age=86400; includeSubDomains'; # exclude subdomains #add_header Public-Key-Pins 'pin-sha256="9lctBJeXkOc53B98vfLoPkOzxXDzwaFrJVDIy0YUZKQ="; pin-sha256="chLE/72yrgm5CtgpJhbufkrBOR6qW2mZoc2Fp7Peio8="; max-age=86400'; #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; #add_header X-Frame-Options SAMEORIGIN; #add_header X-Xss-Protection "1; mode=block" always; #add_header X-Content-Type-Options "nosniff" always; #spdy_headers_comp 5; ssl_buffer_size 1369; ssl_session_tickets on; # enable ocsp stapling #resolver 8.8.8.8 8.8.4.4 valid=10m; #resolver_timeout 10s; #ssl_stapling on; #ssl_stapling_verify on; #ssl_trusted_certificate /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl-trusted.crt; # ngx_pagespeed & ngx_pagespeed handler #include /usr/local/nginx/conf/pagespeed.conf; #include /usr/local/nginx/conf/pagespeedhandler.conf; #include /usr/local/nginx/conf/pagespeedstatslog.conf; # limit_conn limit_per_ip 16; # ssi on; access_log /home/nginx/domains/avatar.rayduxz.cl/log/access.log combined buffer=256k flush=60m; error_log /home/nginx/domains/avatar.rayduxz.cl/log/error.log; include /usr/local/nginx/conf/autoprotect/avatar.rayduxz.cl/autoprotect-avatar.rayduxz.cl.conf; root /home/nginx/domains/avatar.rayduxz.cl/public; # uncomment cloudflare.conf include if using cloudflare for # server and/or vhost site #include /usr/local/nginx/conf/cloudflare.conf; include /usr/local/nginx/conf/503include-main.conf; # prevent access to ./directories and files location ~ (?:^|/)\. { deny all; } location / { include /usr/local/nginx/conf/503include-only.conf; # block common exploits, sql injections etc #include /usr/local/nginx/conf/block.conf; # Enables directory listings when index file not found #autoindex on; # Shows file listing times as local time #autoindex_localtime on; # Enable for vBulletin usage WITHOUT vbSEO installed # More example Nginx vhost configurations at # http://centminmod.com/nginx_configure.html #try_files $uri $uri/ /index.php; } location ~* ^/rayduxz { location ~* ^/(rayduxz/dynamic.jpg) { include /usr/local/nginx/conf/php.conf; set $skip_cache 1; expires off; try_files $uri /rayduxz/dynamic.php; } } include /usr/local/nginx/conf/staticfiles.conf; include /usr/local/nginx/conf/php.conf; include /usr/local/nginx/conf/drop.conf; #include /usr/local/nginx/conf/errorpage.conf; include /usr/local/nginx/conf/vts_server.conf; } "https://avatar.rayduxz.cl/rayduxz/dynamic.jpg" downloads the "dynamic.php". So yeah, hehe. Not related to multisite. But I want to understand why this is happening, I can't seem to get it.
Alright, now it's working. I'm using: Code: location ~* ^/rayduxz/dynamic.jpg { expires off; try_files $uri /rayduxz/dynamic.php; } Also commented out "include /usr/local/nginx/conf/staticfiles.conf;", if you don't sometimes it shows blank. Leaving this for reference if anyone finds it useful, so the key was "expires off;". Thank you @eva2000!