Learn about Centmin Mod LEMP Stack today
Become a Member

Sysadmin Nginx location block in location block

Discussion in 'System Administration' started by Meirami, Aug 5, 2018.

  1. Meirami

    Meirami Member

    128
    15
    18
    Dec 21, 2017
    Ratings:
    +41
    Local Time:
    7:56 PM
    Just noticed I had } in wrong place, but nginx was working and page was working.

    I think this (for example) should not work.
    Code:
     location / {
        rewrite ^ /index.php$uri;
        include /usr/local/nginx/conf/php-pool2.conf;
    
      location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
            deny all;
        }
    }
    
    How nginx reads that kind of configuration? Feels like it read normally like separate location blocks. Is that somehow allowed way even I didn't find any similar by googleing..?

    server {
    .
    .
    .
    location / {
    rewrite ^ /index.php$uri;
    include /usr/local/nginx/conf/php-pool2.conf;

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
    deny all;
    }
    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
    deny all;
    }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param HTTPS on;
    #Avoid sending the security headers twice
    fastcgi_param modHeadersAvailable true;
    fastcgi_param front_controller_active true;
    fastcgi_pass php-handler;
    fastcgi_request_buffering off;
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
    try_files $uri/ =404;
    index index.php;
    }

    # Adding the cache control header for js and css files
    # Make sure it is BELOW the PHP block
    location ~ \.(?:css|js|woff|svg|gif)$ {
    try_files $uri /index.php$uri$is_args$args;
    add_header Cache-Control "public, max-age=31536000";
    # Add headers to serve security related headers (It is intended to
    # have those duplicated to the ones above)
    # The ones above removed because those are harcoded in NC13.
    # Before enabling Strict-Transport-Security headers please read into
    # this topic first.
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;";
    #
    # WARNING: Only add the preload option once you read about
    # the consequences in HSTS Preload List Submission. This option
    # will add the domain to a hardcoded list that is shipped
    # in all major browsers and getting removed from this list
    # could take several months.
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    # Optional: Don't log access to assets
    access_log off;
    }

    location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
    try_files $uri /index.php$uri$is_args$args;
    # Optional: Don't log access to other assets
    access_log off;
    }


    # block common exploits, sql injections etc
    #include /usr/local/nginx/conf/block.conf;

    # Enables directory listings when index file not found
    #autoindex on;

    # Shows file listing times as local time
    #autoindex_localtime on;

    # Wordpress Permalinks example
    #try_files $uri $uri/ /index.php?q=$uri&$args;

    }

    include /usr/local/nginx/conf/pre-staticfiles-local-mahta.win.conf;
    include /usr/local/nginx/conf/pre-staticfiles-global.conf;
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/php.conf;

    include /usr/local/nginx/conf/drop.conf;
    #include /usr/local/nginx/conf/errorpage.conf;
    include /usr/local/nginx/conf/vts_server.conf;
    }
     
  2. eva2000

    eva2000 Administrator Staff Member

    40,209
    8,894
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,706
    Local Time:
    2:56 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    That is a valid way of configuring and works just fine if it's as intended. For example limiting the scope of a location regex match to the outer location match location instead of globally within a site.
     
  3. Meirami

    Meirami Member

    128
    15
    18
    Dec 21, 2017
    Ratings:
    +41
    Local Time:
    7:56 PM
    Thank You for the help! Again :)
    Do you have any link to a site where's more information about that? It may be usefull to know more about it.

    I've been so tired and busy lately, so that could be intended, but I just can't remember why. So I bet it's an error... :oops:
    Thankfully this is just a hobby. So no angry customers or bosses. :LOL:

    BTW.
    I'm having strange triangles here.
    Screenshot_2018-08-05.png
     
  4. eva2000

    eva2000 Administrator Staff Member

    40,209
    8,894
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +13,706
    Local Time:
    2:56 AM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    IIRC google for nginx.com blog articles there was some guides on nginx rewrites

    what computer OS/browser/browser version ?
     
  5. Meirami

    Meirami Member

    128
    15
    18
    Dec 21, 2017
    Ratings:
    +41
    Local Time:
    7:56 PM
    Win 10 and Firefox 61.0.1 (64-bit)
     
    • Informative Informative x 1
..