romanoza
(Romanoza)
October 22, 2010, 11:47am
1
There is wrong config for nginx. It’s wrong 'cos it’s not correct to use rewrite every time (speed).
Here is correct config from nginx author (russian).
My config:
log_format withservname '$host:$server_port $remote_addr $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log withservname;
server_tokens off;
server {
server_name www.yoursite.com;
listen 80;
rewrite ^(.*)$ http://yoursite.com$1 permanent;
}
server {
server_name yoursite.com;
listen 80;
rewrite ^(.*)$ https://yoursite.com$1 permanent;
}
server {
server_name yoursite.com;
listen 443 default ssl;
keepalive_timeout 70;
ssl on;
ssl_certificate /etc/ssl/certs/startssl_yoursite.com.pem;
ssl_certificate_key /etc/ssl/private/yoursite.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
try_files $uri $uri/ @yii;
root /var/www/yoursite.com/htdocs;
index index.html index.htm index.php;
location ~ /\.ht {
deny all;
}
location /var/www/yoursite.com/htdocs/protected/ {
deny all;
}
location ~ \.php$ {
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fcgi.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* \.(gif|jp(|e)g|png|mp(|e)g|avi|flv|swf)$ {
expires 1d;
}
}
location @yii {
root /var/www/yoursite.com/htdocs;
include fastcgi_params;
fastcgi_pass unix:/var/run/php-fcgi.sock;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param QUERY_STRING $args;
}
}
Maxximus
(Maxximus007)
October 28, 2010, 11:16pm
2
Just using Nginx (and PHP-FPM) as my test server locally, so there might be loose ends, but this is more than enough to run Yii on a Nginx server in document_root:
server {
server_name testdrive;
root /path/to/yii/WebRoot/testdrive;
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
location $document_root/protected/ {
deny all;
}
location ~* \.(gif|jp(|e)g|png|mp(|e)g|avi|flv|swf)$ {
expires 30d;
access_log off;
}
location ~ \.php {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
access_log off;
}
}
In fastcgi_params there must be REQUEST_URI defined, otherwise define it as $request_uri.
Additions are welcome!
Orteko
(Ak)
October 29, 2010, 2:56am
3
One thing that I do regardless of project is move the /protected/ directory outside of the web root, usually to a /application/ directory instead.
All that needs changing is the $config variable and you no longer have to bother with writing specific statements to deny access to the directory if you aren’t running apache.
TBH, i’m not sure why it isn’t done this way by default - there is never a valid reason for having the /protected/ directory directly accessible via the web so why bother putting it there and then denying access to it?
Maxximus
(Maxximus007)
October 30, 2010, 8:50am
4
Sure, there is no need to keep the protected directory under web root. But since this is the default, I put it there to be similar to the standard Apache setup.
One thing I found with Nginx when using multiple server_names is that the PHP var SERVER_NAME is not correctly set. To prevent this, add the following line in the PHP part:
fastcgi_param SERVER_NAME $http_host;
After that, the Yii::app()->request->serverName will be set correctly.
idolzhenko
(Idolzhenko)
January 25, 2011, 2:29pm
5
It’s my working config file for nginx-0.8.53 + spawn-fcgi-1.6.3nb2 (NetBSD 5)
/home/www/framework
/home/www/public_html
worker_processes 1;
events {
worker_connections 1024;
}
http {
include /usr/pkg/etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
server {
server_name example.com;
root /home/www/public_html;
charset utf-8;
location / {
index index.php;
try_files $uri $uri/ @yii;
allow 212.14.170.226;
deny all;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /home/www/public_html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
include /usr/pkg/etc/nginx/fastcgi_params;
}
location @yii {
fastcgi_pass 127.0.0.1:9000;
include fastcgi_params;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param SCRIPT_FILENAME $document_root/index.php;
fastcgi_param QUERY_STRING $args;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
}