Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Mautic Nginx Configuration

Mautic Nginx Configuration

These files allow you to configure Mautic using Nginx.

server {
listen 443 ssl; # managed by Certbot
server_name your.mautic.location;
root /your/mautic/path ;
server_tokens off;
add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
client_max_body_size 64M;
gzip on;
gzip_disable "msie6";
gzip_min_length 256;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types
font/truetype
font/opentype
font/woff2
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
image/svg+xml;
error_page 404 /index.php;
# redirect index.php to root
rewrite ^/index.php/(.*) /$1 permanent;
#######################################
## Start Mautic Specific config #####
#######################################
# redirect some entire folders
rewrite ^/(vendor|translations|build)/.* /index.php break;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.html
# one option: try_files $uri $uri/ /index.php$is_args$args;
try_files $uri /index.php$is_args$args;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
# Deny everything else in /app folder except Assets folder in bundles
location ~ /app/bundles/.*/Assets/ {
allow all;
access_log off;
}
location ~ /app/ { deny all; }
# Deny everything else in /addons or /plugins folder except Assets folder in bundles
location ~ /(addons|plugins)/.*/Assets/ {
allow all;
access_log off;
}
# location ~ /(addons|plugins)/ { deny all; }
# Deny all php files in themes folder
location ~* ^/themes/(.*)\.php {
deny all;
}
# Don't log favicon
location = /favicon.ico {
log_not_found off;
access_log off;
}
# Don't log robots
location = /robots.txt {
access_log off;
log_not_found off;
}
# Deny yml, twig, markdown, init file access
location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
deny all;
access_log off;
log_not_found off;
}
# Deny all attempts to access hidden files/folders such as .htaccess, .htpasswd, .DS_Store (Mac), etc...
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
# Deny all grunt, composer files
location ~* (Gruntfile|package|composer)\.(js|json)$ {
deny all;
access_log off;
log_not_found off;
}
#######################################
## End Mautic Specific config #####
#######################################
location ~* \.(jpg|jpeg|png|ico|pdf)$ {
expires 15d;
}
# Deny access to any files with a .php extension in the uploads directory
location ~* /(?:uploads|files)/.*\.php$ {
deny all;
}
# Solve email tracking pixel not found
location ~ email/(.*).gif {
try_files $uri /index.php?$args;
}
# Solve JS Loading 404 Error
location ~ (.*).js {
try_files $uri /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9003;
fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
include fastcgi_params;
}
ssl_certificate /etc/letsencrypt/live/<TLS SERVER NAME>/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/<TLS SERVER NAME>/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot
}
[mautic]
user = apache
group = apache
listen = 127.0.0.1:9003
listen.allowed_clients = 127.0.0.1
pm = dynamic
pm.max_children = 5
pm.start_servers = 1
pm.min_spare_servers = 1
pm.max_spare_servers = 2
slowlog = /var/log/php-fpm/mautic-slow.log
php_admin_value[error_log] = /var/log/php-fpm/mautic-error.log
php_admin_flag[log_errors] = on
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
php_admin_value[open_basedir] = /your/path/to/mautic
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.