Want to subscribe to topics you're interested in?
Become a Member

Magento Updated Magento 2 Nginx Directives for Magento 2.15

Discussion in 'Ecommerce / Shopping cart usage' started by ljseals, Mar 29, 2017.

  1. ljseals

    ljseals Member

    101
    24
    18
    Dec 20, 2016
    Ratings:
    +46
    Local Time:
    12:19 AM
    Greetings, I have tried to use Magento 2 and the backend admin screen was incredibly slow also it was glitching so after praying and asking for the Lord's help I was able to get a very fast magento 2 based site on Centmin Mod. Please keep in mind this is only a draft as I have not fully tested the configuration file. However, these nginx directives are based on Magento's nginx directives here. magento2/nginx.conf.sample at develop · magento/magento2 · GitHub T

    Using Eva2000's directives at https://community.centminmod.com/posts/36491/ I was able to pattern match the below configuration file.

    For Magento 2 transposed settings first create a copy of Centmin Mod's default php.conf include file for magento named /usr/local/nginx/conf/php_magento.conf as you'll need it for your location context match for location ~ ^/update/index.php part

    Code (Text):
    cp -a /usr/local/nginx/conf/php.conf /usr/local/nginx/conf/php_magento.conf
    


    Edit /usr/local/nginx/conf/php_magento.conf and comment out with hash # in front the line for fastcgi_split_path_info


    Code (Text):
    #fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    


    Then the new /usr/local/nginx/conf/conf.d/domain.com.conf would look like below

    Code (Text):
    server {
      server_name domain.com www.domain.com  domain.com ;
      return 302 https://domain.com$request_uri;
    }
    # https SSL SPDY vhost
    server {
            listen 443 ssl http2;
                server_name domain.com www.domain.com;
            ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
            ssl_certificate /usr/local/nginx/conf/ssl/domain.com/ssl-unified.crt;
            ssl_certificate_key /usr/local/nginx/conf/ssl/domain.com/onthecheap_store.key;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_session_cache shared:SSL:10m;
            ssl_session_timeout 10m;
            ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!CAMELLIA;
            ssl_prefer_server_ciphers on;
            add_header Alternate-Protocol 443:npn-spdy/3;
            add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
            add_header X-Content-Type-Options "nosniff";
            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Xss-Protection "1; mode=block" always;
            #add_header Content-Security-Policy upgrade-insecure-requests;
                    
            # nginx 1.5.9+ or higher
            # http://nginx.org/en/docs/http/ngx_http_spdy_module.html#spdy_headers_comp
            # http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_buffer_size
            # spdy_headers_comp 0;
            # ssl_buffer_size 4k;
            
                 # enable ocsp stapling
            resolver 8.8.8.8;
            ssl_stapling on;
            ssl_stapling_verify on;
            ssl_trusted_certificate /usr/local/nginx/conf/ssl/domain.com/ssl-trusted.crt;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log combined buffer=32k;
      error_log /home/nginx/domains/domain.com/log/error.log;
      #include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
      #root /home/nginx/domains/domain.com/public;
      set $MAGE_ROOT /home/nginx/domains/domain.com/public;
    
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      #include /usr/local/nginx/conf/503include-main.conf;
      
      # ngx_pagespeed & ngx_pagespeed handler
      #include /usr/local/nginx/conf/pagespeed.conf;
      #include /usr/local/nginx/conf/pagespeedhandler.conf;
      #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
     ## Example configuration:
    # upstream fastcgi_backend {
    #    # use tcp connection
    #    # server  127.0.0.1:9000;
    #    # or socket
    #    server   unix:/var/run/php5-fpm.sock;
    #    server   unix:/var/run/php/php7.0-fpm.sock;
    # }
    # server {
    #    listen 80;
    #    server_name mage.dev;
    #    set $MAGE_ROOT /var/www/magento2;
    #    include /vagrant/magento2/nginx.conf.sample;
    # }
    #
    ## Optional override of deployment mode. We recommend you use the
    ## command 'bin/magento deploy:mode:set' to switch modes instead.
    ##
    ## set $MAGE_MODE default; # or production or developer
    ##
    ## If you set MAGE_MODE in server config, you must pass the variable into the
    ## PHP entry point blocks, which are indicated below. You can pass
    ## it in using:
    ##
    ## fastcgi_param  MAGE_MODE $MAGE_MODE;
    ##
    ## In production mode, you should uncomment the 'expires' directive in the /static/ location block
    
    root $MAGE_ROOT/pub;
    
    index index.php;
    autoindex off;
    charset UTF-8;
    error_page 404 403 = /errors/404.php;
    #add_header "X-UA-Compatible" "IE=Edge";
    
    # PHP entry point for setup application
    location ~* ^/setup($|/) {
        root $MAGE_ROOT;
        location ~ ^/setup/index.php {
            include /usr/local/nginx/conf/php.conf;
        }
    
        location ~ ^/setup/(?!pub/). {
            deny all;
        }
    
        location ~ ^/setup/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    # PHP entry point for update application
    location ~* ^/update($|/) {
        root $MAGE_ROOT;
    
        location ~ ^/update/index.php {
            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
            include /usr/local/nginx/conf/php_magento.conf;
        }
    
        # Deny everything but index.php
        location ~ ^/update/(?!pub/). {
            deny all;
        }
    
        location ~ ^/update/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    
    location /pub/ {
        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
            deny all;
        }
        alias $MAGE_ROOT/pub/;
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /static/ {
        # Uncomment the following line in production mode
        expires max;
    
        # Remove signature of the static files that is used to overcome the browser cache
        location ~ ^/static/version {
            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
    
            if (!-f $request_filename) {
                rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
    
            if (!-f $request_filename) {
               rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        if (!-f $request_filename) {
            rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/ {
        try_files $uri $uri/ /get.php$is_args$args;
    
        location ~ ^/media/theme_customization/.*\.xml {
            deny all;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/customer/ {
        deny all;
    }
    
    location /media/downloadable/ {
        deny all;
    }
    
    location /media/import/ {
        deny all;
    }
    
    # PHP entry point for main application
    location ~ (index|get|static|report|404|503)\.php$ {
        try_files $uri =404;
        #fastcgi_pass   fastcgi_backend;
        fastcgi_buffers 1024 4k;
    
        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=4096M \n max_execution_time=18000";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;
    
        include /usr/local/nginx/conf/php.conf;
    }
    
    gzip on;
    gzip_disable "msie6";
    
    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_proxied any;
    gzip_types
        text/plain
        text/css
        text/js
        text/xml
        text/javascript
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/xml+rss
        image/svg+xml;
    gzip_vary on;
    
    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
    location ~* (\.php$|\.htaccess$|\.git) {
        deny all;
    }
     
      #include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }


    I have used 4096MB at this location in the file you may change it to a value that you like; however, I believe that you will need at least 2 GB of ram not to have any problems.

    Code (Text):
        fastcgi_param  PHP_VALUE "memory_limit=4096M \n max_execution_time=18000";


    Also please keep in mind that this vhost configuration is based on a paid SSL cert. You can easily change it by copying and pasting in the appropriate areas. God bless you!
     
  2. eva2000

    eva2000 Administrator Staff Member

    53,190
    12,113
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,649
    Local Time:
    3:19 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    @ljseals very nice thanks for sharing and great to see Centmin Mod users starting to share their own usage guides - particularly for Magento 2 as I never used Magento myself.
     
  3. computer19852007

    computer19852007 Member

    84
    8
    8
    Jun 25, 2014
    Ratings:
    +9
    Local Time:
    12:19 PM
    Centmin Mod 1.2.3-eva2000.06
    MariaDB 5.5.34
    Code:
    nginx: [emerg] "set" directive is not allowed here in /usr/local/nginx/conf/conf.d/domain.conf:42
    Please Help me

    I used Centmin Mod 123.09beta
    Thanks you
     
  4. eva2000

    eva2000 Administrator Staff Member

    53,190
    12,113
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,649
    Local Time:
    3:19 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    contents of /usr/local/nginx/conf/conf.d/domain.conf ? post to pastebin.com or gist.github.com
     
  5. ljseals

    ljseals Member

    101
    24
    18
    Dec 20, 2016
    Ratings:
    +46
    Local Time:
    12:19 AM
    I do not use Magento 2, as it is more expensive cost-wise to Magneto 1; however, please keep in mind that the conf file is only an example. Meaning you must go through and change all the domain.com to your current domain name or you can just simply use the below code in your created nginx config file.

    Code:
     ## Example configuration:
    # upstream fastcgi_backend {
    #    # use tcp connection
    #    # server  127.0.0.1:9000;
    #    # or socket
    #    server   unix:/var/run/php5-fpm.sock;
    #    server   unix:/var/run/php/php7.0-fpm.sock;
    # }
    # server {
    #    listen 80;
    #    server_name mage.dev;
    #    set $MAGE_ROOT /var/www/magento2;
    #    include /vagrant/magento2/nginx.conf.sample;
    # }
    #
    ## Optional override of deployment mode. We recommend you use the
    ## command 'bin/magento deploy:mode:set' to switch modes instead.
    ##
    ## set $MAGE_MODE default; # or production or developer
    ##
    ## If you set MAGE_MODE in server config, you must pass the variable into the
    ## PHP entry point blocks, which are indicated below. You can pass
    ## it in using:
    ##
    ## fastcgi_param  MAGE_MODE $MAGE_MODE;
    ##
    ## In production mode, you should uncomment the 'expires' directive in the /static/ location block
    
    root $MAGE_ROOT/pub;
    
    index index.php;
    autoindex off;
    charset UTF-8;
    error_page 404 403 = /errors/404.php;
    #add_header "X-UA-Compatible" "IE=Edge";
    
    # PHP entry point for setup application
    location ~* ^/setup($|/) {
        root $MAGE_ROOT;
        location ~ ^/setup/index.php {
            include /usr/local/nginx/conf/php.conf;
        }
    
        location ~ ^/setup/(?!pub/). {
            deny all;
        }
    
        location ~ ^/setup/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    # PHP entry point for update application
    location ~* ^/update($|/) {
        root $MAGE_ROOT;
    
        location ~ ^/update/index.php {
            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
            include /usr/local/nginx/conf/php_magento.conf;
        }
    
        # Deny everything but index.php
        location ~ ^/update/(?!pub/). {
            deny all;
        }
    
        location ~ ^/update/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    
    location /pub/ {
        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
            deny all;
        }
        alias $MAGE_ROOT/pub/;
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /static/ {
        # Uncomment the following line in production mode
        expires max;
    
        # Remove signature of the static files that is used to overcome the browser cache
        location ~ ^/static/version {
            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
    
            if (!-f $request_filename) {
                rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
    
            if (!-f $request_filename) {
               rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        if (!-f $request_filename) {
            rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/ {
        try_files $uri $uri/ /get.php$is_args$args;
    
        location ~ ^/media/theme_customization/.*\.xml {
            deny all;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/customer/ {
        deny all;
    }
    
    location /media/downloadable/ {
        deny all;
    }
    
    location /media/import/ {
        deny all;
    }
    
    # PHP entry point for main application
    location ~ (index|get|static|report|404|503)\.php$ {
        try_files $uri =404;
        #fastcgi_pass   fastcgi_backend;
        fastcgi_buffers 1024 4k;
    
        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=4096M \n max_execution_time=18000";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;
    
        include /usr/local/nginx/conf/php.conf;
    }
    
    gzip on;
    gzip_disable "msie6";
    
    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_proxied any;
    gzip_types
        text/plain
        text/css
        text/js
        text/xml
        text/javascript
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/xml+rss
        image/svg+xml;
    gzip_vary on;
    
    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
    location ~* (\.php$|\.htaccess$|\.git) {
        deny all;
    }
    Then comment out static files
    Code:
      #include /usr/local/nginx/conf/staticfiles.conf;
    Comment out root
    Code:
      #root /home/nginx/domains/domain.com/public;
    And set root to magento
    Code:
      set $MAGE_ROOT /home/nginx/domains/domain.com/public;
    Comment out Error Page
    Code:
      #include /usr/local/nginx/conf/errorpage.conf;
     
    Last edited: Aug 2, 2017
  6. computer19852007

    computer19852007 Member

    84
    8
    8
    Jun 25, 2014
    Ratings:
    +9
    Local Time:
    12:19 PM
    Centmin Mod 1.2.3-eva2000.06
    MariaDB 5.5.34
    I used Centmin Mod 123.09beta
    - Nginx Version: 1.13.3
    - php version: PHP 5.6.5
    - Server: MariaDB 10.1.25

    Code:
    # Centmin Mod Getting Started Guide
    # must read http://centminmod.com/getstarted.html
    
    # redirect from non-www to www
    # uncomment, save file and restart Nginx to enable
    # if unsure use return 302 before using return 301
    
    
    server {
      listen   8080;
      server_name domain.com www.domain.com;
      return 301 https://$server_name$request_uri;
      }
    
      server {
        listen 443 ssl http2;
        server_name domain.com www.domain.com;
    
        ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
        ssl_certificate      /usr/local/nginx/conf/ssl/domain.com/domain.com.crt;
        ssl_certificate_key  /usr/local/nginx/conf/ssl/domain.com/domain.com.key;
        include /usr/local/nginx/conf/ssl_include.conf;
        proxy_ssl_session_reuse off;
    
        # mozilla recommended
        ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
        ssl_prefer_server_ciphers   on;
        #add_header Alternate-Protocol  443:npn-spdy/3;
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
        #add_header  X-Content-Type-Options "nosniff";
        #add_header X-Frame-Options DENY;
        #spdy_headers_comp 5;
        ssl_buffer_size 1400;
        ssl_session_tickets on;
    
        # enable ocsp stapling
        resolver 8.8.8.8 8.8.4.4;
        resolver_timeout 10s;
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_trusted_certificate /usr/local/nginx/conf/ssl/domain.com/domain.com-trusted.crt;
    
    
      # Cloudflare
      set_real_ip_from 204.93.240.0/24;
      set_real_ip_from 204.93.177.0/24;
      set_real_ip_from 199.27.128.0/21;
      set_real_ip_from 173.245.48.0/20;
      set_real_ip_from 103.21.244.0/22;
      set_real_ip_from 103.22.200.0/22;
      set_real_ip_from 103.31.4.0/22;
      set_real_ip_from 141.101.64.0/18;
      set_real_ip_from 108.162.192.0/18;
      set_real_ip_from 190.93.240.0/20;
      set_real_ip_from 188.114.96.0/20;
      set_real_ip_from 197.234.240.0/22;
      set_real_ip_from 198.41.128.0/17;
      set_real_ip_from 162.158.0.0/15;
      set_real_ip_from 104.16.0.0/12;
    
    
      real_ip_header CF-Connecting-IP;
    
    
    # ngx_pagespeed & ngx_pagespeed handler
    #include /usr/local/nginx/conf/pagespeed.conf;
    #include /usr/local/nginx/conf/pagespeedhandler.conf;
    #include /usr/local/nginx/conf/pagespeedstatslog.conf;
    
      set $MAGE_ROOT /home/nginx/domains/domain.com/public;
      set $MAGE_MODE default;
      charset off;
      #add_header X-Frame-Options SAMEORIGIN;
      #add_header X-Xss-Protection "1; mode=block" always;
      #add_header X-Content-Type-Options "nosniff" always;
    
      # limit_conn limit_per_ip 16;
      # ssi  on;
    
      access_log /home/nginx/domains/domain.com/log/access.log combined buffer=256k flush=5m;
      error_log /home/nginx/domains/domain.com/log/error.log;
    
      #include /usr/local/nginx/conf/autoprotect/domain.com/autoprotect-domain.com.conf;
      #root /home/nginx/domains/domain.com/public;
      root $MAGE_ROOT/pub;
    
      # uncomment cloudflare.conf include if using cloudflare for
      # server and/or vhost site
      #include /usr/local/nginx/conf/cloudflare.conf;
      #include /usr/local/nginx/conf/503include-main.conf;
    
    location /setup {
        root $MAGE_ROOT;
        location ~ ^/setup/index.php {
            include /usr/local/nginx/conf/php.conf;
        }
    
        location ~ ^/setup/(?!pub/). {
            deny all;
        }
    
        location ~ ^/setup/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    location /update {
        root $MAGE_ROOT;
    
        location ~ ^/update/index.php {
            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
            include /usr/local/nginx/conf/php_custom.conf;
        }
    
        # deny everything but index.php
        location ~ ^/update/(?!pub/). {
            deny all;
        }
    
        location ~ ^/update/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
      location / {
      #include /usr/local/nginx/conf/503include-only.conf;
      # block common exploits, sql injections etc
      #include /usr/local/nginx/conf/block.conf;
    
      try_files $uri $uri/ /index.php?$args;
      }
    
    location /pub {
        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
            deny all;
        }
        alias $MAGE_ROOT/pub;
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /static/ {
        if ($MAGE_MODE = "production") {
            expires max;
        }
        location ~ ^/static/version {
            rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
        }
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
    
            if (!-f $request_filename) {
                rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
            }
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
    
            if (!-f $request_filename) {
               rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
            }
        }
        if (!-f $request_filename) {
            rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/ {
        try_files $uri $uri/ /get.php?$args;
    
        location ~ ^/media/theme_customization/.*\.xml {
            deny all;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
            try_files $uri $uri/ /get.php?$args;
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
            try_files $uri $uri/ /get.php?$args;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/customer/ {
        deny all;
    }
    
    location /media/downloadable/ {
        deny all;
    }
    
    location /media/import/ {
        deny all;
    }
    
    location ~ cron\.php {
        deny all;
    }
    
    location ~ (index|get|static|report|404|503)\.php$ {
        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=400M \n max_execution_time=600";
        fastcgi_param  MAGE_MODE $MAGE_MODE;
        include /usr/local/nginx/conf/php.conf;
    }
    
      #include /usr/local/nginx/conf/staticfiles.conf;
      include /usr/local/nginx/conf/php.conf;
      include /usr/local/nginx/conf/drop.conf;
      #include /usr/local/nginx/conf/errorpage.conf;
      include /usr/local/nginx/conf/vts_server.conf;
    }
    
    But Magento 2.1.7 load very slow?
    Please view nginx config, is it error?
     
  7. ljseals

    ljseals Member

    101
    24
    18
    Dec 20, 2016
    Ratings:
    +46
    Local Time:
    12:19 AM
    This is your code.
    Code:
    location ~ (index|get|static|report|404|503)\.php$ {
       fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
       fastcgi_param  PHP_VALUE "memory_limit=400M \n max_execution_time=600";
       fastcgi_param  MAGE_MODE $MAGE_MODE;
       include /usr/local/nginx/conf/php.conf;
    }
    
    You are going to have to adjust the values base on your server specifications. I used the below code that is also shown in the example. I put 4096MB but it should work with much less. I am not an expert but it seems that this may be the cause of the issue. God bless you.
    Code:
    location ~ (index|get|static|report|404|503)\.php$ {
        try_files $uri =404;
        #fastcgi_pass   fastcgi_backend;
        fastcgi_buffers 1024 4k;
    
        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=4096M \n max_execution_time=18000";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;
    This is the specific code.
    Code:
    fastcgi_param  PHP_VALUE "memory_limit=4096M \n max_execution_time=18000";
    The execution time I used is extremely high; however, it worked fine. You may need to read Magento official documentation to get the best settings. God bless you.
     
  8. computer19852007

    computer19852007 Member

    84
    8
    8
    Jun 25, 2014
    Ratings:
    +9
    Local Time:
    12:19 PM
    Centmin Mod 1.2.3-eva2000.06
    MariaDB 5.5.34
    Thank @ljseals , my VPS with 2 Core CPU and RAM 2GB.

    Thanks
     
  9. ljseals

    ljseals Member

    101
    24
    18
    Dec 20, 2016
    Ratings:
    +46
    Local Time:
    12:19 AM
    The lowest memory you can run Magento 2 on is 768MB so try that setting with 1024mb. You can set max execution time from 120 seconds to 300 seconds it should be fine. I believe that I made a typo earlier in the code at this setting as I believe that I was testing to see what was causing the slow backend. God bless you!
     
  10. computer19852007

    computer19852007 Member

    84
    8
    8
    Jun 25, 2014
    Ratings:
    +9
    Local Time:
    12:19 PM
    Centmin Mod 1.2.3-eva2000.06
    MariaDB 5.5.34
    Thank you,
    i have a question: i have copy a php_custom.conf it same php_magento.conf your config, and Do I need to delete or change all lines to php_custom.conf?

    Code:
    include /usr/local/nginx/conf/php.conf
    Thanks
     
  11. ljseals

    ljseals Member

    101
    24
    18
    Dec 20, 2016
    Ratings:
    +46
    Local Time:
    12:19 AM
    Copy php.conf to php_magento.conf
    Code:
    cp -a /usr/local/nginx/conf/php.conf /usr/local/nginx/conf/php_magento.conf
    
    It will create an exact copy leaving the orginal intact and the only modification you need to do is comment out the below line of code.
    Code:
    #fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    
    God bless you!