Resolved Nginx Rewrites

[Janko1000]

Hi all,

i need some help to adapt some Nginx Rules.
At the Moment the Website runs on Plain Nginx without any ControlPanel.
I changed the Path and removed the FCGI Settings but everytime i go to the Website... 404.

# WordPress single site rules.
# Designed to be included in any server {} block.

# This order might seem weird - this is attempted to match last if rules below fail.
# http://wiki.nginx.org/HttpCoreModule

location / {


if ($scheme != "https")    {
        set $var D;
}

if ($host ~ ^(webmail|mail)\.seo-portal\.de) {
        set $var "${var}U";
}

if ($var = D) {
    rewrite ^ https://$host$uri permanent;
}

if ($host = 'development.seo-portal.de') {
        return 555;
}

 try_files $uri $uri/ /index.php?$args;
}

# Add trailing slash to */wp-admin requests.
rewrite /wp-admin$ $scheme://$host$uri/ permanent;

# Directives to send expires headers and turn off 404 error logging.
location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
       access_log off; log_not_found off; expires max;
}


rewrite "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(?!page/)(.+)$" https://domain.de/$4 permanent;



#Test Rewrites
    location ~ ^/wp-content/cache/minify/[^/]+/(w3tc.*)$ {
                   try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?w3tc_rewrite_test=$1;
           }
#End Test Rewrites
# BEGIN W3TC Minify core
    set $w3tc_enc "";
    location ~ ^/wp-content/cache/minify/(.+/[X]+\.css)$ {
                try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?test_file=$1;
    }
    location ~ ^/wp-content/cache/minify/(.+\.(css|js))$ {
                try_files $uri /wp-content/plugins/w3-total-cache/pub/minify.php?file=$1;
    }

# END W3TC Minify core

# Uncomment one of the lines below for the appropriate caching plugin (if used).
#include global/wordpress-wp-super-cache.conf;
#include global/wordpress-w3-total-cache.conf;

# Pass all .php files onto a php-fpm/php-fcgi server.
location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    if (!-f $document_root$fastcgi_script_name) {
        return 404;
    }
    # This is a robust solution for path info security issue and works with "cgi.fix_pathinfo = 1" in /etc/php.ini (default)

    include fastcgi.conf;
    fastcgi_index index.php;
#    fastcgi_intercept_errors on;
#    fastcgi_pass phpcgi;
    fastcgi_pass unix:/var/www/web1/conf/sockets/nginx-php-fcgi.sock;
}

location /forum {

# IPB configuration
try_files $uri $uri/ /forum/index.php$is_args$args;

}

set $frontRoot /var/www/web1/htdocs/seo-portal/dienstleister/web;

if ($host = 'development.seo-portal.de') {
    set $frontRoot /var/www/web1/htdocs/development/dienstleister/web;
}

set $sfApp app.php; # Change to app.php for prod

location /dienstleister/ { # Static files

    root $frontRoot;
    rewrite ^/dienstleister/(.*)$ /$1 break;
    try_files $uri @sfFront;
}

location @sfFront { # Symfony

    fastcgi_pass unix:/var/www/web1/conf/sockets/nginx-php-fcgi.sock;

    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $frontRoot/$sfApp;
    fastcgi_param SCRIPT_NAME /dienstleister/$sfApp;
    fastcgi_param REQUEST_URI /dienstleister$uri?$args;
    fastcgi_param HTTPS off;
}


location /dienstleister/kernel/login {
    auth_basic "Restricted";
    auth_basic_user_file /var/www/web1/.htpasswd;
    root $frontRoot;
    rewrite ^/dienstleister/(.*)$ /$1 break;
    try_files $uri @sfFront;

}

location /faq {
try_files $uri $uri/ /forum/index.php$is_args$args;
}


error_page 555 = @auth;

location @auth {
      auth_basic "Restricted";
      auth_basic_user_file /var/www/web1/.htpasswd;
      try_files $uri $uri/ /index.php?$args;
}


location ~*  \.(jpg|jpeg|png|gif|ico)$ {
    expires 30d;
}

 

[IgorG]

At the Moment the Website runs on Plain Nginx without any ControlPanel.

Therefore, I move the thread in the Open Topics

 

[trialotto]

@Janko1000

To be honest, the whole Nginx config is a bit of a mess (understatement).

You are probably getting the 404 errors due to these lines of code

if (!-f $document_root$fastcgi_script_name) {
return 404;
}

which lines on it´s turn are always effective for each and every PHP file, since Nginx simply finds the best match.

Let me explain a bit.

If you have a website with a root directory in which an index.php file resides, this index.php is the "starting point" for loading the application.

Nginx will simply find the index.php file, due to the directive: location ~ [^/]\.php(/|$) (rather messy expression!)

From that point on, the if statement will be evaluated (note: using "if" is bad in Nginx config!!!) and the if statement will always be true if

- the $document_root has not been specified (and it isn´t)
- the $fastcgi_script_name has not been properly declared (I cannot see all the config files, but in the current config file it has not been properly defined)

In short, the if statement is always evaluated as true, resulting in a 404 page.

I can be mistaken, but you try to comment the 404 error out: if the 404 page is not returned, then we are half-way.

Next, replace the "return 404" with code like: "return 301 $scheme://google.com/" (note that the rest of the config is in such a bad state that we cannot use it to test it).

If you are rerouted to google.com, then the if statement is indeed always evaluated as true.......

......and your first fix should be concerning the $document_root and $fastcgi_script_name variables.

Hope the above helps a bit.

Regards.........