Nginx Need help with a Dynamic Image script

GamerJota · Nov 11, 2016

Hello guys,

I was trying to do something simple, show a random image for an specific URL.

The URL https://rayduxz.cl/avatar/dynamic.jpg should display a random image (2 at the moment).

What it does its the following:
Code:
  if ($request_uri ~* "^/avatar/dynamic.php") {
   set $skip_cache 1;
  }

  location ~* ^/avatar/dynamic.jpg {
        set $skip_cache 1;
        try_files $uri /avatar/dynamic.php;
  }
I'm running Redis cache so I skip the cache for those.

The PHP is the following one:
Code:
<?php

    $sigImage = array("avatar1.jpg", "avatar2.jpg");

    $sigIndex = rand(0, count($sigImage)-1);
    $sigImage = $sigImage[$sigIndex];
    $imageExt = explode(".", $sigImage);
    if(strtolower($imageExt[1]) == "jpg"){
       $image   = imagecreatefromjpeg($sigImage);
    }elseif(strtolower($imageExt[1]) == "png"){
       $image   = imagecreatefrompng($sigImage);
    }else{
       die("Unsupported filetype!");
    }

    header('Content-type: image/jpeg');
    imagejpeg($image, NULL, 100);
    imagedestroy($image);

?>
The problem is that "dynamic.jpg" is apparently getting cached and it doesn't changes, but if you go directly to the PHP at https://rayduxz.cl/avatar/dynamic.php its working fine.

Any ideas of what it could be? I tried adding "expires off;" at "location ~* ^/avatar/dynamic.jpg" but its still the same.

eva2000 · Nov 11, 2016

Centmin Mod default static files include file at /usr/local/nginx/conf/staticfiles.conf handles image extension files via Nginx.

You may need to comment out or adjust that

You can also use SSH command shortcut below to launch nano linux text editor and edit file /usr/local/nginx/conf/staticfiles.conf
Code:
statfilesinc
or maybe break it out of static location match
Code (Text):
location ~* ^/avatar {
  location ~* ^/(avatar/dynamic.jpg) {
        set $skip_cache 1;
        expires off;
        try_files $uri /avatar/dynamic.php;
  }
}

GamerJota · Nov 12, 2016

Mmh...

Your code makes the "dynamic.php" and "dynamic.jpg" to show the source code instead (both gets "dynamic.php" downloaded).

I tried with:
Code:
  if ($request_uri ~* "^/avatar/dynamic.php") {
        set $skip_cache 1;
  }

  location ~* ^/avatar/dynamic.jpg {
        set $skip_cache 1;
        expires off;
        try_files $uri /avatar/dynamic.php;
  }
And commented out "include /usr/local/nginx/conf/staticfiles-hsts.conf".

Still the same, "dynamic.jpg" shows always the same image but "dynamic.php" changes.

eva2000 · Nov 12, 2016

Oh add the php.conf include file too

Code (Text):

location ~* ^/avatar {
  location ~* ^/(avatar/dynamic.jpg) {
        include /usr/local/nginx/conf/php.conf;
        set $skip_cache 1;
        expires off;
        try_files $uri /avatar/dynamic.php;
  }
}

GamerJota · Nov 12, 2016

Weird, I actually tried that but with "php-rediscache.conf" and it didn't work, now the "dynamic.jpg" shows the image but it still always the same for me.

Could you please try and tell me if it changes for you?

https://rayduxz.cl/avatar/dynamic.jpg

eva2000 · Nov 12, 2016

You behind cloudflare ? could be cloudflare cache ?

GamerJota · Nov 12, 2016

I'm behind CloudFlare but I got a rule to bypass cache, perfomance and apps for anything under /avatar/*

eva2000 · Nov 12, 2016

still getting cached HTTP Header Check with an online CURL tool

Code (Text):

HTTP/1.1 200 OK
Date: Fri, 11 Nov 2016 16:06:32 GMT
Content-Type: application/octet-stream
Content-Length: 569
Connection: keep-alive
Set-Cookie: __cfduid=d893683a0550774332227bcda547b47781478880392; expires=Sat, 11-Nov-17 16:06:32 GMT; path=/; domain=.rayduxz.cl; HttpOnly
Last-Modified: Thu, 10 Nov 2016 23:39:57 GMT
ETag: "5825054d-239"
X-Powered-By: centminmod
Strict-Transport-Security: max-age=31536000;
CF-Cache-Status: HIT
Expires: Fri, 11 Nov 2016 20:06:32 GMT
Cache-Control: public, max-age=14400
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 3002fdf3e88f2180-EWR

GamerJota · Nov 12, 2016

Okay, cache and CloudFlare is starting to get me upset haha.

CloudFlare rule:
[IMG]

Code:

HTTP/1.1 200 OK
Date: Fri, 11 Nov 2016 16:48:47 GMT
Content-Type: application/octet-stream
Content-Length: 569
Connection: keep-alive
Set-Cookie: __cfduid=dd716a572ff696baedd15c65af65a342e1478882926; expires=Sat, 11-Nov-17 16:48:46 GMT; path=/; domain=.rayduxz.cl; HttpOnly
Last-Modified: Thu, 10 Nov 2016 23:39:57 GMT
ETag: "5825054d-239"
X-Powered-By: centminmod
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 30033bd4bd7f21ce-EWR

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html
# For SPDY SSL Setup
# read http://centminmod.com/nginx_configure_https_ssl_spdy.html

map $http_host $blogid {
    default               0;

    include /home/nginx/domains/rayduxz.cl/public/wp-content/uploads/nginx-helper/map.conf;
}
server {
  listen 10.0.0.77:443 ssl http2;
  server_name rayduxz.cl www.rayduxz.cl rayduxz.com www.rayduxz.com;

  ssl_dhparam /usr/local/nginx/conf/ssl/rayduxz.cl/dhparam.pem;
  ssl_certificate      /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl.crt;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl.key;
  include /usr/local/nginx/conf/ssl_include.conf;

  # mozilla recommended
  ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA:!DES-CBC3-SHA;
  ssl_prefer_server_ciphers   on;
  #####add_header Alternate-Protocol  443:npn-spdy/3;
  # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains.
  # You'd want to include subdomains if you're using SSL wildcard certificates
  # include subdomain
  #add_header Public-Key-Pins 'pin-sha256="rekgpRzoLu70AcpIym0CNxxnlacJA6/59iJ+MiSAnGU="; pin-sha256="HDZ1iBAAlXg1TvjW3Ciw0hBXXy47n9x2h+LbOm4riRc="; max-age=86400; includeSubDomains';
  # exclude subdomains
  #add_header Public-Key-Pins 'pin-sha256="rekgpRzoLu70AcpIym0CNxxnlacJA6/59iJ+MiSAnGU="; pin-sha256="HDZ1iBAAlXg1TvjW3Ciw0hBXXy47n9x2h+LbOm4riRc="; max-age=86400';
  add_header Strict-Transport-Security "max-age=31536000;";
  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;
  #####spdy_headers_comp 5;
  ssl_buffer_size 1400;
  ssl_session_tickets on;
 
  # enable ocsp stapling
  #resolver 8.8.8.8 8.8.4.4 valid=10m;
  #resolver_timeout 10s;
  #ssl_stapling on;
  #ssl_stapling_verify on;
  #ssl_trusted_certificate /usr/local/nginx/conf/ssl/rayduxz.cl/rayduxz.cl-trusted.crt; 

  # ngx_pagespeed & ngx_pagespeed handler
  #include /usr/local/nginx/conf/pagespeed.conf;
  #include /usr/local/nginx/conf/pagespeedhandler.conf;
  #include /usr/local/nginx/conf/pagespeedstatslog.conf;

  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/rayduxz.cl/log/access.log combined buffer=256k flush=60m;
  error_log /home/nginx/domains/rayduxz.cl/log/error.log;
 
  root /home/nginx/domains/rayduxz.cl/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  include /usr/local/nginx/conf/cloudflare.conf;
  #include /usr/local/nginx/conf/503include-main.conf;

  # prevent access to ./directories and files
  location ~ (?:^|/)\. {
   deny all;
  }

  #include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpcacheenabler_rayduxz.cl.conf;
  #include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpsupercache_rayduxz.cl.conf;
  # https://community.centminmod.com/posts/18828/
  include /usr/local/nginx/conf/wpincludes/rayduxz.cl/rediscache_rayduxz.cl.conf; 

  if ($request_uri ~* "^/ts3/banner.php") {
   set $skip_cache 1;
  }

  location / {
  include /usr/local/nginx/conf/503include-only.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # for wordpress super cache plugin
  #try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html $uri $uri/ /index.php?q=$uri&$args;

  # for wp cache enabler plugin
  #try_files $cache_enabler_uri $uri $uri/ $custom_subdir/index.php?$args; 

  # Wordpress Permalinks
  #try_files $uri $uri/ /index.php?q=$uri&$args;

  # Nginx level redis Wordpress
  # https://community.centminmod.com/posts/18828/
  try_files $uri $uri/ /index.php$is_args$args;

  }

### MULTISITE
location ~ ^/[_0-9a-zA-Z-]+/files/(.*)$ {
        try_files /wp-content/blogs.dir/$blogid/files/$2 /wp-includes/ms-files.php?file=$2 ;
        access_log off; log_not_found off; expires max;
}

#avoid php readfile()
location ^~ /blogs.dir {
        internal;
        alias /var/www/example.com/htdocs/wp-content/blogs.dir ;
        access_log off; log_not_found off;      expires max;
}

# Rewrite multisite '.../wp-.*' and '.../*.php'.
if (!-e $request_filename) {
    rewrite /wp-admin$ $scheme://$host$uri/ permanent;
    rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;
    rewrite ^/[_0-9a-zA-Z-]+(/.*\.php)$ $1 last;
}

### MULTISITE END

location ~* /(wp-login\.php) {
    limit_req zone=xwplogin burst=1 nodelay;
    #limit_conn xwpconlimit 30;
    auth_basic "Private";
    #auth_basic_user_file /home/nginx/domains/rayduxz.cl/htpasswd_wplogin;   
    #include /usr/local/nginx/conf/php-wpsc.conf;
    # https://community.centminmod.com/posts/18828/
    include /usr/local/nginx/conf/php-rediscache.conf;
}

location ~* /(xmlrpc\.php) {
    limit_req zone=xwprpc burst=45 nodelay;
    #limit_conn xwpconlimit 30;
    #include /usr/local/nginx/conf/php-wpsc.conf;
    # https://community.centminmod.com/posts/18828/
    include /usr/local/nginx/conf/php-rediscache.conf;
}

location ~* ^/avatar {
  location ~* ^/(avatar/dynamic.jpg) {
        include /usr/local/nginx/conf/php.conf;
        set $skip_cache 1;
        expires off;
        try_files $uri /avatar/dynamic.php;
  }
}

  include /usr/local/nginx/conf/wpincludes/rayduxz.cl/wpsecure_rayduxz.cl.conf;
  #include /usr/local/nginx/conf/php-wpsc.conf;
  # https://community.centminmod.com/posts/18828/
  include /usr/local/nginx/conf/php-rediscache.conf;
  #include /usr/local/nginx/conf/staticfiles.conf;
  #include /usr/local/nginx/conf/staticfiles-hsts.conf; 
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;

}

And now "dynamic.jpg" shows the source of "dynamic.php".
I don't even know anymore o_O

eva2000 · Nov 12, 2016

Never used multi-site wp before myself but for rest of troubleshooting you'd be on your own

GamerJota · Nov 12, 2016

Alright, fair enough.

What about a fresh generated vhost? "avatar.rayduxz.cl"

CloudFlare rule:
[IMG]

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html
# For SPDY SSL Setup
# read http://centminmod.com/nginx_configure_https_ssl_spdy.html

server {
  listen 10.0.0.77:443 ssl http2;
  server_name avatar.rayduxz.cl;

  ssl_dhparam /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/dhparam.pem;
  ssl_certificate      /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl.crt;
  ssl_certificate_key  /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl.key;
  include /usr/local/nginx/conf/ssl_include.conf;

  http2_max_field_size 16k;
  http2_max_header_size 32k;
  # mozilla recommended
  ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+ECDSA+SHA384:EECDH+aRSA+SHA256:EECDH+aRSA+SHA384:EECDH+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
  ssl_prefer_server_ciphers   on;
  #add_header Alternate-Protocol  443:npn-spdy/3;
  # HTTP Public Key Pinning Header uncomment only one that applies include or exclude domains.
  # You'd want to include subdomains if you're using SSL wildcard certificates
  # include subdomain
  #add_header Public-Key-Pins 'pin-sha256="9lctBJeXkOc53B98vfLoPkOzxXDzwaFrJVDIy0YUZKQ="; pin-sha256="chLE/72yrgm5CtgpJhbufkrBOR6qW2mZoc2Fp7Peio8="; max-age=86400; includeSubDomains';
  # exclude subdomains
  #add_header Public-Key-Pins 'pin-sha256="9lctBJeXkOc53B98vfLoPkOzxXDzwaFrJVDIy0YUZKQ="; pin-sha256="chLE/72yrgm5CtgpJhbufkrBOR6qW2mZoc2Fp7Peio8="; max-age=86400';
  #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
  #add_header X-Frame-Options SAMEORIGIN;
  #add_header X-Xss-Protection "1; mode=block" always;
  #add_header X-Content-Type-Options "nosniff" always;
  #spdy_headers_comp 5;
  ssl_buffer_size 1369;
  ssl_session_tickets on;
 
  # enable ocsp stapling
  #resolver 8.8.8.8 8.8.4.4 valid=10m;
  #resolver_timeout 10s;
  #ssl_stapling on;
  #ssl_stapling_verify on;
  #ssl_trusted_certificate /usr/local/nginx/conf/ssl/avatar.rayduxz.cl/avatar.rayduxz.cl-trusted.crt; 

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/avatar.rayduxz.cl/log/access.log combined buffer=256k flush=60m;
  error_log /home/nginx/domains/avatar.rayduxz.cl/log/error.log;

  include /usr/local/nginx/conf/autoprotect/avatar.rayduxz.cl/autoprotect-avatar.rayduxz.cl.conf;
  root /home/nginx/domains/avatar.rayduxz.cl/public;
  # uncomment cloudflare.conf include if using cloudflare for
  # server and/or vhost site
  #include /usr/local/nginx/conf/cloudflare.conf;
  include /usr/local/nginx/conf/503include-main.conf;

  # prevent access to ./directories and files
  location ~ (?:^|/)\. {
   deny all;
  } 

  location / {
  include /usr/local/nginx/conf/503include-only.conf;

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Enable for vBulletin usage WITHOUT vbSEO installed
  # More example Nginx vhost configurations at
  # http://centminmod.com/nginx_configure.html
  #try_files    $uri $uri/ /index.php;

  }

  location ~* ^/rayduxz {
    location ~* ^/(rayduxz/dynamic.jpg) {
          include /usr/local/nginx/conf/php.conf;
          set $skip_cache 1;
          expires off;
          try_files $uri /rayduxz/dynamic.php;
    }
  }

  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/php.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

"https://avatar.rayduxz.cl/rayduxz/dynamic.jpg" downloads the "dynamic.php".
So yeah, hehe. Not related to multisite.
But I want to understand why this is happening, I can't seem to get it.

GamerJota · Nov 12, 2016

Alright, now it's working.

I'm using:
Code:
  location ~* ^/rayduxz/dynamic.jpg {
        expires off;
        try_files $uri /rayduxz/dynamic.php;
  }
Also commented out "include /usr/local/nginx/conf/staticfiles.conf;", if you don't sometimes it shows blank.

Leaving this for reference if anyone finds it useful, so the key was "expires off;".

Thank you @eva2000!

eva2000 · Nov 12, 2016

GamerJota said: ↑

Also commented out "include /usr/local/nginx/conf/staticfiles.conf;", if you don't sometimes it shows blank.
Click to expand...

sounds like that fixed it

Log in / Register

Forums

Learn about Centmin Mod LEMP Stack today

Nginx Need help with a Dynamic Image script

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

GamerJota New Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Learn about Centmin Mod LEMP Stack today

Nginx Need help with a Dynamic Image script

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

eva2000 Administrator Staff Member

GamerJota New Member

GamerJota New Member

eva2000 Administrator Staff Member

.