Nginx php5-fpm path_info urls and root location

nginxPHPphp-fpm

Hello to all nginx & php gurus

I'm installing dotclear (a blogging software written in PHP) on my debian, and I have a hard time configuring nginx, php5-fpm and php so that :

  1. I can use PATH_INFO url rewriting since I'm following Tim Berneer's Lee advice that urls should'nt expose what particular technology you use right now http://www.w3.org/Provider/Style/URI.html
  2. satic-files are not parsed by PHP since it's terribly insecure to let example.org/uploads/image.jpg/index.php to be sent to PHP
  3. have a root location that just works example.com should be rewritten to something like example.com/index.php?start

It seems that until now, I have to choose 2, that's why I'm asking for help here.

So here is my current /etc/nginx/nginx.conf

server {
   server_name articles.eloge-de-la-folie.fr;
   root /srv/data1/articles.eloge-de-la-folie.fr  ;



index index.php?start ;
location / {
         try_files $uri $uri/ @pathinfo ;
         #try_files $uri $uri/ /index.php$uri?$args;
}



# Pretty URLs in dotclear

   # activate PATH_INFO urls in /admin/blog_pref.php

   location @pathinfo {

        rewrite ^ /index.php$uri?$args last;

   }

   location = / {

        rewrite ^ /index.php?start last;

   }

   location ~ ^(.+.php)(/.*)?$ {

            include         fastcgi_params_pathinfo ;

    }


}





I put everything fastcgi related in a separate /etc/fastcgi_params_pathinfo config file


fastcgi_param   QUERY_STRING        $query_string;
fastcgi_param   REQUEST_METHOD      $request_method;
fastcgi_param   CONTENT_TYPE        $content_type;
fastcgi_param   CONTENT_LENGTH      $content_length;

#fastcgi_param  SCRIPT_FILENAME     $request_filename;
fastcgi_param   SCRIPT_NAME     $fastcgi_script_name;
fastcgi_param   PATH_INFO               $fastcgi_path_info;
fastcgi_param   REQUEST_URI     $request_uri;
fastcgi_param   DOCUMENT_URI        $document_uri;
fastcgi_param   DOCUMENT_ROOT       $document_root;
fastcgi_param   SERVER_PROTOCOL     $server_protocol;

fastcgi_param   GATEWAY_INTERFACE   CGI/1.1;
fastcgi_param   SERVER_SOFTWARE     nginx/$nginx_version;

fastcgi_param   REMOTE_ADDR     $remote_addr;
fastcgi_param   REMOTE_PORT     $remote_port;
fastcgi_param   SERVER_ADDR     $server_addr;
fastcgi_param   SERVER_PORT     $server_port;
fastcgi_param   SERVER_NAME     $server_name;

fastcgi_param   HTTPS           $https;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param   REDIRECT_STATUS     200;


# this is what I changed
fastcgi_pass    127.0.0.1:9000;
fastcgi_index   index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;



Also in /etc/php5/fpm/pool.d/www.conf, I made sure to uncomment this 


security.limit_extensions = .php ;



What happen currently ?

– example.com/index.php and example.com/post/test are passed to the php interpretor and work

– example.com/css/style.css are not passed to php and works

– but when I go to example.com, the index.php is just downloaded, not interpreted. 


My location = / { configuration here } is apparently never matched 🙁


Thanks in advance,


Jean-Michel

Best Answer

I'm pretty sure this is the problem

index index.php?start ;
location / {
         try_files $uri $uri/ @pathinfo ;
         #try_files $uri $uri/ /index.php$uri?$args;
}

Nginx will never find a file with the filename "index.php?start" on the hard drive. In your location / block you are saying, try to find the URI, which is just /, which is just the root directory, and it finds that.

My location = / { configuration here } is apparently never matched :(

It is matched, just the first one is matched and not the second one. Remove the first location / block and the index index.php?start (because I think the latter will never work).

Related Topic