Common pitfalls in Nginx configuration

Nginx Common Configuration Error

1. Use the root command in location

The good habit should be to configure the root command in the server block

server {server_name www.domain.com;  root/var/www/nginx-default/;  Location/{[...]  } location/foo {[...]  } location/bar {[...] }}

2. Multiple index directives

The good habit is to use the index once in the HTTP block, why use multiple times?

HTTP {index index.php index.htm index.html;    server {server_name www.domain.com;    Location/{[...]    }} server {server_name domain.com;    Location/{[...]    } location/foo {[...] }  }}

3. Using the IF directive

Wrong configuration:

server {server_name domain.com *.domain.com; if ($host ~* ^www\.    +) {set $raw _domain $;    Rewrite ^/(. *) $ $raw _domain/$1 permanent;  [...] }}

The IF directive at this time forces the detection of every request for all domains, which is inefficient and can be replaced with two server directives

The correct configuration:

server {server_name www.domain.com; Return 301 $scheme://domain.com$request_uri;}  server {server_name domain.com; [...]}

4. Check the existence of the file

Using the If detection file exists is very bad and you should use Try_files

Wrong configuration:

server {root/var/www/domain.com;    Location/{if ' (!-f $request _filename) {break; }  }}

The correct configuration:

server {root/var/www/domain.com;  Location/{try_files $uri $uri//index.html; }}

5. Pass an uncontrolled request to PHP

Wrong configuration:

Location ~* \.php$ {Fastcgi_pass backend; ...}

In this case, each request that ends with PHP is passed to PHP, and the default PHP configuration will guess if the file you requested exists.

For example, a request like /forum/avatar/1232.jpg/file.php this, the file does not exist, but /forum/avatar/1232.jpg the file exists, so PHP will handle the replacement processing this file, if the file is embedded in the PHP code, PHP will execute the corresponding code.

The following methods can be used to avoid:

*. Set cgi.fix_pathinfo=0 in PHP.ini, which will allow PHP to process only the requested file and stop processing if the file does not exist.

*. Make sure Nginx only handles schema-matching PHP files

Location ~* (file_a|file_b|file_c) \.php$ {Fastcgi_pass backend; ...}

*. prohibit execution of PHP files in directories uploaded by specified users

Location/uploaddir {Location ~ \.php$ {return 403;} ...}

*. Use Try_files to filter non-existent pages

Location ~* \.php$ {try_files $uri = 404;  Fastcgi_pass backend; ...}

*. Use nested location to filter problematic pages

Location ~* \.php$ {location ~ \.  */.*\.php$ {return 404;}  Fastcgi_pass backend; ...}

fastcgi path in 6.script filename

Do not use the absolute root path, use the variable

Wrong configuration:

Fastcgi_param script_filename/var/www/yoursite.com/$fastcgi _script_name;

The correct configuration:

Fastcgi_param script_filename $document _root$fastcgi_script_name;

The $document_root here is the value of the root command in the server block.

7. Rewrite the relevant

Wrong configuration:

Rewrite ^/(. *) $ http://domain.com/$1 permanent;

Rewrite ^ Http://domain.com$request_uri? Permanent

Correct configuration: No need to detect regular expressions, more efficient

return 301 Http://domain.com$request_uri;

8. Overwrite lost / http

Wrong configuration:

Rewrite ^/blog (/.*) $ blog.domain.com$1 permanent;

The correct configuration:

Rewrite ^/blog (/.*) $ http://blog.domain.com$1 permanent;

9. Agent-related

Wrong configuration: All pages Tong Tong to PHP

server {server_name example.org;     Root/var/www/site;        Location/{include fastcgi_params;        Fastcgi_param script_filename $document _root$fastcgi_script_name;    Fastcgi_pass Unix:/tmp/phpcgi.socket; }}

Correct configuration: Priority to handle static pages, and then hand over to PHP processing

server {server_name example.org;     Root/var/www/site;    Location/{try_files $uri $uri/@proxy;        } location @proxy {include fastcgi.conf;    Fastcgi_pass Unix:/tmp/php-fpm.sock; }}

Or

server {server_name example.org;     Root/var/www/site;    Location/{try_files $uri $uri//index.php;        } location ~ \.php$ {include fastcgi.conf;    Fastcgi_pass Unix:/tmp/php-fpm.sock; }}

This article is from the "Linux is belong to You" blog, make sure to keep this source http://jwh5566.blog.51cto.com/7394620/1691032

Common pitfalls in Nginx configuration