Last active
August 29, 2015 13:56
-
-
Save perusio/9033590 to your computer and use it in GitHub Desktop.
Running drupal in a subdir.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# -*- mode: nginx; mode: flyspell-prog; ispell-local-dictionary: "american" -*- | |
### Nginx configuration for Drupal. This configuration makes use of | |
### drush (http:///drupal.org/project/drush) for site maintenance | |
### and like tasks: | |
### | |
### 1. Run the cronjobs. | |
### 2. Run the DB and code updates: drush up or drush upc followed by | |
### drush updb to run any DB updates required by the code upgrades | |
### that were performed. | |
### 3. Disabling of xmlrpc.xml, install.php (needed only for | |
### installing the site) and update.php: all updates are now | |
### handled through drush. | |
## The 'default' location. | |
location $drupal_dir/ { | |
## Drupal 404 from can impact performance. If using a module like | |
## search404 then 404's *have *to be handled by Drupal. Uncomment to | |
## relay the handling of 404's to Drupal. | |
## error_page 404 /index.php; | |
## Using a nested location is the 'correct' way to use regexes. | |
## Regular private file serving (i.e. handled by Drupal). | |
location ^~ $drupal_dir/system/files/ { | |
## Include the specific FastCGI configuration. This is for a | |
## FCGI backend like php-cgi or php-fpm. | |
include apps/drupal/fastcgi_drupal.conf; | |
fastcgi_pass phpcgi; | |
## If proxying to apache comment the two lines above and | |
## uncomment the two lines below. | |
#proxy_pass http://phpapache/index.php?q=$uri; | |
#proxy_set_header Connection ''; | |
## For not signaling a 404 in the error log whenever the | |
## system/files directory is accessed add the line below. | |
## Note that the 404 is the intended behavior. | |
log_not_found off; | |
} | |
## Trying to access private files directly returns a 404. | |
location ^~ $drupal_dir/sites/default/files/private/ { | |
internal; | |
} | |
## Support for the file_force module | |
## http://drupal.org/project/file_force. | |
location ^~ $drupal_dir/system/files_force/ { | |
## Include the specific FastCGI configuration. This is for a | |
## FCGI backend like php-cgi or php-fpm. | |
include apps/drupal/fastcgi_drupal.conf; | |
fastcgi_pass phpcgi; | |
## If proxying to apache comment the two lines above and | |
## uncomment the two lines below. | |
#proxy_pass http://phpapache/index.php?q=$uri; | |
#proxy_set_header Connection ''; | |
## For not signaling a 404 in the error log whenever the | |
## system/files directory is accessed add the line below. | |
## Note that the 404 is the intended behavior. | |
log_not_found off; | |
} | |
## If accessing an image generated by Drupal 6 imagecache, serve it | |
## directly if available, if not relay the request to Drupal to (re)generate | |
## the image. | |
location ~* $drupal_dir/imagecache/ { | |
## Image hotlinking protection. If you want hotlinking | |
## protection for your images uncomment the following line. | |
#include apps/drupal/hotlinking_protection.conf; | |
access_log off; | |
expires 30d; | |
try_files $uri @drupal; | |
} | |
## Drupal 7 generated image handling, i.e., imagecache in core. See: | |
## http://drupal.org/node/371374. | |
location ~* $drupal_dir/files/styles/ { | |
## Image hotlinking protection. If you want hotlinking | |
## protection for your images uncomment the following line. | |
#include apps/drupal/hotlinking_protection.conf; | |
access_log off; | |
expires 30d; | |
try_files $uri @drupal; | |
} | |
## Advanced Aggregation module CSS | |
## support. http://drupal.org/project/advagg. | |
location ^~ $drupal_dir/sites/default/files/advagg_css/ { | |
expires max; | |
add_header ETag ''; | |
add_header Last-Modified 'Wed, 20 Jan 1988 04:20:42 GMT'; | |
add_header Accept-Ranges ''; | |
location ~* $drupal_dir/sites/default/files/advagg_css/css[_[:alnum:]]+\.css$ { | |
access_log off; | |
try_files $uri @drupal; | |
} | |
} | |
## Advanced Aggregation module JS | |
## support. http://drupal.org/project/advagg. | |
location ^~ $drupal_dir/sites/default/files/advagg_js/ { | |
expires max; | |
add_header ETag ''; | |
add_header Last-Modified 'Wed, 20 Jan 1988 04:20:42 GMT'; | |
add_header Accept-Ranges ''; | |
location ~* $drupal_dir/sites/default/files/advagg_js/js[_[:alnum:]]+\.js$ { | |
access_log off; | |
try_files $uri @drupal; | |
} | |
} | |
## All static files will be served directly. | |
location ~* ^.+\.(?:css|cur|js|jpe?g|gif|htc|ico|png|html|xml|otf|ttf|eot|woff|svg)$ { | |
access_log off; | |
expires 30d; | |
## No need to bleed constant updates. Send the all shebang in one | |
## fell swoop. | |
tcp_nodelay off; | |
## Set the OS file cache. | |
open_file_cache max=3000 inactive=120s; | |
open_file_cache_valid 45s; | |
open_file_cache_min_uses 2; | |
open_file_cache_errors off; | |
} | |
## PDFs and powerpoint files handling. | |
location ~* ^.+\.(?:pdf|pptx?)$ { | |
expires 30d; | |
## No need to bleed constant updates. Send the all shebang in one | |
## fell swoop. | |
tcp_nodelay off; | |
} | |
## MP3 and Ogg/Vorbis files are served using AIO when supported. Your OS must support it. | |
location ^~ $drupal_dir/sites/default/files/audio/mp3 { | |
location ~* ^$drupal_dir/sites/default/files/audio/mp3/.*\.mp3$ { | |
directio 4k; # for XFS | |
## If you're using ext3 or similar uncomment the line below and comment the above. | |
#directio 512; # for ext3 or similar (block alignments) | |
tcp_nopush off; | |
aio on; | |
output_buffers 1 2M; | |
} | |
} | |
location ^~ $drupal_dir/sites/default/files/audio/ogg { | |
location ~* ^$drupal_dir/sites/default/files/audio/ogg/.*\.ogg$ { | |
directio 4k; # for XFS | |
## If you're using ext3 or similar uncomment the line below and comment the above. | |
#directio 512; # for ext3 or similar (block alignments) | |
tcp_nopush off; | |
aio on; | |
output_buffers 1 2M; | |
} | |
} | |
## Pseudo streaming of FLV files: | |
## http://wiki.nginx.org/HttpFlvStreamModule. | |
## If pseudo streaming isn't working, try to comment | |
## out in nginx.conf line with: | |
## add_header X-Frame-Options SAMEORIGIN; | |
location ^~ $drupal_dir/sites/default/files/video/flv { | |
location ~* ^/sites/default/files/video/flv/.*\.flv$ { | |
flv; | |
} | |
} | |
## Pseudo streaming of H264/AAC files. This requires an Nginx | |
## version greater or equal to 1.0.7 for the stable branch and | |
## greater or equal to 1.1.3 for the development branch. | |
## Cf. http://nginx.org/en/docs/http/ngx_http_mp4_module.html. | |
location ^~ $drupal_dir/sites/default/files/video/mp4 { # videos | |
location ~* ^/sites/default/files/video/mp4/.*\.(?:mp4|mov)$ { | |
mp4; | |
mp4_buffer_size 1M; | |
mp4_max_buffer_size 5M; | |
} | |
} | |
location ^~ $drupal_dir/sites/default/files/audio/m4a { # audios | |
location ~* ^/sites/default/files/audio/m4a/.*\.m4a$ { | |
mp4; | |
mp4_buffer_size 1M; | |
mp4_max_buffer_size 5M; | |
} | |
} | |
## Advanced Help module makes each module provided README available. | |
location ^~ $drupal_dir/help/ { | |
location ~* ^/help/[^/]*/README\.txt$ { | |
## Include the specific FastCGI configuration. This is for a | |
## FCGI backend like php-cgi or php-fpm. | |
include apps/drupal/fastcgi_drupal.conf; | |
fastcgi_pass phpcgi; | |
## If proxying to apache comment the two lines above and | |
## uncomment the two lines below. | |
#proxy_pass http://phpapache/index.php?q=$uri; | |
#proxy_set_header Connection ''; | |
} | |
} | |
## Replicate the Apache <FilesMatch> directive of Drupal standard | |
## .htaccess. Disable access to any code files. Return a 404 to curtail | |
## information disclosure. Hide also the text files. | |
location ~* ^(?:.+\.(?:htaccess|make|txt|engine|inc|info|install|module|profile|po|pot|sh|.*sql|test|theme|tpl(?:\.php)?|xtmpl)|code-style\.pl|/Entries.*|/Repository|/Root|/Tag|/Template)$ { | |
return 404; | |
} | |
## First we try the URI and relay to the /index.php?q=$uri&$args if not found. | |
try_files $uri @drupal; | |
} | |
########### Security measures ########## | |
## Uncomment the line below if you want to enable basic auth for | |
## access to all /admin URIs. Note that this provides much better | |
## protection if use HTTPS. Since it can easily be eavesdropped if you | |
## use HTTP. | |
#include apps/drupal/admin_basic_auth.conf; | |
## Restrict access to the strictly necessary PHP files. Reducing the | |
## scope for exploits. Handling of PHP code and the Drupal event loop. | |
location @drupal { | |
## Include the FastCGI config. | |
include apps/drupal/fastcgi_drupal.conf; | |
fastcgi_pass phpcgi; | |
## FastCGI microcache. | |
include apps/drupal/microcache_fcgi.conf; | |
## FCGI microcache for authenticated users also. | |
#include apps/drupal/microcache_fcgi_auth.conf; | |
## If proxying to apache comment the two lines above and | |
## uncomment the two lines below. | |
#proxy_pass http://phpapache/index.php?q=$uri; | |
#proxy_set_header Connection ''; | |
## Proxy microcache. | |
#include apps/drupal/microcache_proxy.conf; | |
## Proxy microcache for authenticated users also. | |
#include apps/drupal/microcache_proxy_auth.conf; | |
## Filefield Upload progress | |
## http://drupal.org/project/filefield_nginx_progress support | |
## through the NginxUploadProgress modules. | |
track_uploads uploads 60s; | |
} | |
location @drupal-no-args { | |
## Include the specific FastCGI configuration. This is for a | |
## FCGI backend like php-cgi or php-fpm. | |
include apps/drupal/fastcgi_no_args_drupal.conf; | |
fastcgi_pass phpcgi; | |
## FastCGI microcache. | |
include apps/drupal/microcache_fcgi.conf; | |
## FCGI microcache for authenticated users also. | |
#include apps/drupal/microcache_fcgi_auth.conf; | |
## If proxying to apache comment the two lines above and | |
## uncomment the two lines below. | |
#proxy_pass http://phpapache/index.php?q=$uri; | |
#proxy_set_header Connection ''; | |
## Proxy microcache. | |
#include apps/drupal/microcache_proxy.conf; | |
## Proxy microcache for authenticated users also. | |
#include apps/drupal/microcache_proxy_auth.conf; | |
} | |
## Disallow access to .bzr, .git, .hg, .svn, .cvs directories: return | |
## 404 as not to disclose information. | |
location ^~ $drupal_dir/.bzr { | |
return 404; | |
} | |
location ^~ $drupal_dir/.git { | |
return 404; | |
} | |
location ^~ $drupal_dir/.hg { | |
return 404; | |
} | |
location ^~ $drupal_dir/.svn { | |
return 404; | |
} | |
location ^~ $drupal_dir/.cvs { | |
return 404; | |
} | |
## Disallow access to patches directory. | |
location ^~ $drupal_dir/patches { | |
return 404; | |
} | |
## Disallow access to drush backup directory. | |
location ^~ $drupal_dir/backup { | |
return 404; | |
} | |
## Disable access logs for robots.txt. | |
location = $drupal_dir/robots.txt { | |
access_log off; | |
## Add support for the robotstxt module | |
## http://drupal.org/project/robotstxt. | |
try_files $uri @drupal-no-args; | |
} | |
## RSS feed support. | |
location = $drupal_dir/rss.xml { | |
try_files $uri @drupal-no-args; | |
} | |
## XML Sitemap support. | |
location = $drupal_dir/sitemap.xml { | |
try_files $uri @drupal-no-args; | |
} | |
## Support for favicon. Return an 1x1 transparent GIF if it doesn't | |
## exist. | |
location = $drupal_dir/favicon.ico { | |
expires 30d; | |
try_files /favicon.ico @empty; | |
} | |
## Return an in memory 1x1 transparent GIF. | |
location @empty { | |
expires 30d; | |
empty_gif; | |
} | |
## Any other attempt to access PHP files returns a 404. | |
location ~* ^.+\.php$ { | |
return 404; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
hi perusio I found this file through a drupal thread https://groups.drupal.org/node/315193 and have tried to apply this to my configuration following instructions you gave on that thread
nginx -t returns nginx.conf syntax is ok
but all I am getting is a bunch of 404's
so, I am thinking the problem is perhaps in the folder structure I am using
HTTP server.
Return (no rewrite) server block.
server {
## This is to avoid the spurious if for sub-domain name
## "rewriting".
listen 80; # IPv4
## Replace the IPv6 address by your own address. The address below
## was stolen from the wikipedia page on IPv6.
#listen [::]:80;
server_name www.demo.example.site;
return 301 $scheme://demo.example.site$request_uri;
} # server domain return.
HTTP server.
server {
listen 80; # IPv4
## Replace the IPv6 address by your own address. The address below
## was stolen from the wikipedia page on IPv6.
#listen [::]:80;
can you see any reason why
The 'default' location.
location $drupal_dir/ {
would not work?
Please help, I've been trying to get my demo site to resolve to demo.example.site/mysubfolder for days now and with default drupal.conf without $drupal_dir it resolves to demo.example.site without any problems but on demo.example.site/mysubfolder I get the drupal's "page not found" 404 and I really need it to resolve to demo.example.site/mysubfolder as I plan to use demo.example.site to showcase some projects so there would be demo.example.site/mysubfolder_2 and demo.example.site/mysubfolder_3 etc...
Please help! I know you're busy and really tried not to bother you with comments here but I've been trying for days, googling for a solution etc but I got nowhere so....