我正在设置在vestaCP + NGINX + php-fpm和laravel后端上运行的新服务器,在安装letsencrypt之后,除主页之外,我所有的路由器都遇到404错误。 laravel .env正常并且我的nginx conf如下,而且,控制面板为ssl创建了另外一个nginx conf文件。该站点可以正常使用http协议。
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ [^/]\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
if (!-f $document_root$fastcgi_script_name) {
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
}
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
答案 0 :(得分:1)
我不是Nginx专家,但是在我看来,所有location伪指令都应该位于server伪指令内,而目前不是。另外,您嵌套了location指令,我认为它们是不必要的...
首先尝试解决此问题:
server {
listen xx.xxx.xxx.xx:443;
server_name example.com www.example.com;
root /home/admin/web/example.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/example.com.log combined;
access_log /var/log/nginx/domains/example.com.bytes bytes;
error_log /var/log/nginx/domains/example.com.error.log error;
ssl on;
ssl_certificate /home/admin/conf/web/ssl.example.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.example.com.key;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
expires max;
}
location ~ \.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#fastcgi_pass php:9000;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/example.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/example.com/stats/;
include /home/admin/conf/web/example.com.auth*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.example.com.conf*;
}
注意:未经测试,因此请在开发中尝试使用,如果您修复了文件中的任何语法或错误,请告诉我,以便我更新答案。如果您无法修复,请告诉我们出了什么问题,以便我们尝试进一步的帮助。
使用Laravel之后,您可以尝试遵循Nginx配置Php Docker Stack,该配置可直接与Laravel配合使用。
您需要复制以替换Nginx conf server{}指令中当前位的位是这一位:
# In Laravel we only need serve index.php
location @proxyphp {
rewrite (.*) /index.php;
}
# serving only index.php increases the security in your application.
location ~ /index\.php$ {
# https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/
#try_files $uri =404;
#try index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
# Deny access to all php files that are not index.php
location ~ \.php$ {
deny all;
}
在Laravel中,我们只需要提供index.php即可,这样做可以提高应用程序的安全性,因为它只有1个公共入口点,而不是*.php中的任何public都可以访问} Laravel应用的文件夹。