Leaderboard

This week we’ve got ProcessWire 2.8.62 (corresponding to 3.0.62 master), a look at some current work-in-progress, and some nice momentum in ProcessWire usage and market share. https://processwire.com/blog/posts/new-2.8-version-current-projects-and-pw-usage/

https://github.com/processwire/processwire/blob/50f2834a0ae2a9f9f2ac53439184ebdc04db2f54/wire/core/PagesTrash.php#L53 So there is id, parent id and sort position of trashed page in that name.

Having such information presented publicly is a great idea to help promote ProcessWire. Thanks to @benbyf for taking the initiative. The newspaper writing style certainly helps with content such as this. My only concern with this article is the wording. This is meant only as constructive criticism. #1 The way it is written, it implies that for some unknown reason ProcessWire (not the user) had created an arbitrary number of images within a page, and now you may want to remove them. To a new user, or prospective user, it implies they will have maintenance issues when working with ProcessWire. We know this is not the case. This tip's opening sentence might be more accurately written like so, 1. Bulk Delete Images in Admin As you create your site content, you may have added any number of images to a particular page that are no longer wanted. Should you want to get rid of them... #2 This one really sticks out. The means by which a user gets 'locked out' is due to either pilot error, or an interruption in a critical process, and rarely due to some internal malfunction. It might be better to have written it like so, 2. Regain Entry to Backend For those times where you may have forgotten your administrative password, or if a poor network connection caused a critical process (like a site migration) to fail, you can reset the administrative password using this simple trick... #3 Specifying a heading "Upgrade ProcessWire" and immediately opening with "Upgrading is a chore..." doesn't give a good first impression. While that statement is technically accurate, it might be better to lead with how simple the ProcessWire upgrade procedure is in relation to the complexity found with other platforms (without naming names). /$0.02 Like I said, these are simply my comments meant as constructive criticism for future articles. Giving a good first impression is critical to our growth. I know there is no style guide associated with ProcessWire-related articles, so it might be a good idea for anyone wanting to write such articles in the future to ask a staff member to proof read it before publication for things like grammar, inflection, conveyance, etc. And again, thanks to benbyf for making this contribution!

Introducing our newest [commercial] module: Recurme Processwire Recurring Dates Field & Custom Calendar Module. http://www.99lime.com/modules/recurme/ One Field to Recur them ALL… A Recurring Dates InputField for your Processwire templates. The InputField you’ve been waiting for. Complex RRule date repeating in a simple and fast user interface. Use the super simple, & powerful API to output them into your templates. example: <? // easy to get recurring events $events = $recurme->find(); // events for this day $events = $recurme->day(); // events for this week $events = $recurme->week(); // events for this month $events = $recurme->month(); ?> <? // Loop through your events foreach($events as $event){ echo $event->title; echo $event->start_date; echo $event->rrule; echo $event->original->url; ... } ?> Unlimited Custom Calendars. Imagine you could create any calendar you wanted on your website. Use recurring events with the Recurme field, or use your own Processwire pages and date fields to render calendars… it’s up to you. Fully customizable. Make as many calendars as you like. Get events from anywhere. Recurme does all the hard date work for you. Unlimited Custom Admin Calendars too. Hope you like it , Joshua & Eduardo from 99Lime. ## [1.0.1] - 2017-05-29 ### changed - Fixed $options[weekStartDay] offset in Calendar - Fixed ->renderCalendar() Blank Days - Fixed missing ->renderList() [renderMonth][xAfter] - Removed ->renderCalendar() <table> attributes border, border-spacing - Fixed ->renderCalendar() excluded dates - Fixed rrule-giu.js exclude dates - Fixed ->renderList missing space in attr ID (shout out to @Juergen for multiple suggestions & feedback).

If it's shared hosting and all of the sites on your IP are potentially sending emails, that is almost certainly your problem. Again, I'd look into an email delivery service like Sendgrid, Mandrill or even TurboSMTP - these will help with deliverability, and you won't be competing with other sites on the same IP to get emails out.

I thought we already had seeds... http://cheatsheet.processwire.com/pagearray-wirearray/getting-items/findrandomtimed-n/ http://processwire.com/api/ref/wire-array/find-random-timed/ though not sure if this will work for your use scenario...

Also, you can hook save process and do your custom sanitization or validation of data if needed.

Have you seen this? (Sure, it is not the admin but the API, but I guess the same call is used...) https://processwire.com/api/ref/sanitizer/match/

I've filed a request: https://github.com/processwire/processwire-requests/issues/97

Some hopefully helpful links: https://processwire.com/api/variables/pages/ https://www.smashingmagazine.com/2016/07/the-aesthetic-of-non-opinionated-content-management-a-beginners-guide-to-processwire/

There may be other solutions but this is what I do...

I tried the module a bit in PW3 and it works well - it's a really handy module and I wish I started using it sooner. I think the permission overrides per template only apply to the sub-permissions of page-edit (page-move, page-delete, etc) and these won't affect the module because those sub-permissions aren't displayed in the tables. One issue I came across is that where a template has a numeric name ("404" being an obvious one) the edit link to the template is not displayed properly in the table. Have created an issue on GitHub with a proposed fix. I also thought that where the the 'muted' class is used the text colour is too faint.

The example uses the selector arrays feature so you would make your change like this: 'roles' => ['agent', 'superuser']

This finds all 'articleFeatured' articles, but you only need one. So better to do this: $latestArticle = $pages->findOne("template=article, articleFeatured=1, sort=-created"); I wrote that imagickal() function and it doesn't recreate the image on every page load if the processed image already exists. But it was really intended for applying ImageMagick effects - you don't need it for simple image resizing. Rather than add padding in the resized image you should use CSS to keep the image within its container while maintaining aspect ratio. A couple of ways you can do this below - CSS is inline in the examples but you would move it to an external stylesheet. If you don't mind using background images the technique is dead simple. Just adjust the padding-top for the desired aspect ratio (in the example I used your 730:350 ratio). <div style="padding-top:47.945%; background:#000 url('my-image.jpg') no-repeat center center / contain;"></div> If you want to use an <img> tag there's a bit more to it: <div style="padding-top:47.945%; position:relative;"> <div style="position:absolute; width:100%; height:100%; top:0; left:0; font-size:0; line-height:0; text-align:center; background-color:#000"> <img src="my-image.jpg" style="max-width:100%; max-height:100%;"> </div> </div> If you are using a CSS pre-processor you can use a helper mixin, e.g. https://css-tricks.com/snippets/sass/maintain-aspect-ratio-mixin/ But none of this should make that much of a difference when you are using ProCache - your server load should be very low when ProCache is used considering you have no front-end users logging in. You could check to make sure you are not clearing the entire cache unnecessarily - for best performance you shouldn't use the "Reset cache for entire site" option for when a page is saved but instead use the settings on the "Cache" tab of Edit Template to only clear the cache of related pages. But the other thing to consider is if the problem might be due to the host. You could copy the files and DB to a different host and trial that for a bit to see if the problem resolves. A hassle for sure but if you are getting desperate...

I had a need to do this and there were some requests in the Table forum so... LimitTable A module for ProcessWire CMS/CMF. Allows limits and restrictions to be placed on selected Profields Table fields. For any Table field you can limit the number of rows that may be added and also prevent the use of drag-sorting and the trashing of rows. If a limit has been defined then there is an option to show all (empty) rows up to that limit. This module does not support paginated Table fields. Usage Install the LimitTable module. The module configuration screen should be self-explanatory. You can add rows in the module config as needed using the "Add another row" button. Please note that limits and restrictions are applied with CSS/JS so should not be considered tamper-proof. Module config: The effect of the above config in Page Edit. The empty rows up to the limit are shown because "Show all rows" is checked. https://github.com/Toutouwai/LimitTable https://processwire.com/modules/limit-table/

This module allows you to automatically send an email to a newly created user with their username and password. It also has the option to automatically generate a password for the user upon creation. http://modules.processwire.com/modules/email-new-user/ https://github.com/adrianbj/EmailNewUser The following things are configurable: Whether Send Email option should be automatically checked when creating new user - also affects new users created via API From email address (if left blank it will use the admin email set in the config/php file Email subject Email body - includes the ability to use any fields from the user template using {field_name} codes so these can be put into the body wherever you want. It's your choice if you want to include the password in the email or not. Whether to automatically generate a password. This can be toggled on/off, but even if it is on, you can override it by simply entering a password manually when creating the new user. Ability to control the length and character sets used to make up the automatically generated password. Option to send a test email to yourself to make sure it is configured the way you expect. Because it is generally not a good idea to email passwords, it is highly recommended to use the new Password Force Change module in conjunction with this module. That way the user has to change their password the first time they login which will somewhat reduce the vulnerability of emailing the password. It can also be used for API generated users: $modules->get("EmailNewUser"); // call the module since it is not autoload on the front end $newuser = new User(); $newuser->name = 'newuser'; $newuser->email = 'newuser@gmail.com'; $newuser->sendEmail = true; // only needed if Automatic Email Send is unchecked $newuser->save(); Please let me know if you have any ideas for improvements. PS Thanks to everyone in this post: https://processwire.com/talk/topic/2981-new-user-welcome-message/ for their thoughts and ideas on how to do this.

PageTableExtraActions A module for ProcessWire CMS/CMF. Allows PageTable items to be published/unpublished and hidden/unhidden directly from the inputfield. Usage Install the PageTableExtraActions module. Use the icons in the "Actions" column of a PageTable field to publish/unpublish or hide/unhide an item. https://modules.processwire.com/modules/page-table-extra-actions/ https://github.com/Toutouwai/PageTableExtraActions/

I've written a module called HTMLBodyClasses that renders classes for the <body> tag. echo HtmlBodyClasses::renderClasses($page); Outputs: <body class="home template-home page-id-1"> Page name, page template, page's ID. You can get it here: https://github.com/ethanbeyer/HtmlBodyClasses

@Robin S This. This right here is why you are a hero member. Props to you for the profile explanation. I never knew the procedure. I will put this into practice immediately. PS. Where is that damn "Buy-a-Beer" button? Somebody needs to make that happen.

Hi @rick, I can't share my custom profile because it contains pro modules. And it's set up to suit my preferences and idiosyncrasies which would surely be different for each person. But it's very easy to make your own custom profile. If you find yourself installing the same modules or creating the same kinds of page structures over and over for each project then the idea is: Create a new installation on your localhost using the "blank" profile Customise /site/config.php how you like, e.g. imageSizerOptions, useMarkupRegions, setlocale() Install your favourite modules - include the Site Profile Exporter Set up any admin tweaks with AdminOnSteroids and/or AdminCustomFiles Create the fields, templates and template files you tend to need for every new site (it doesn't hurt if there are some that aren't always used as you can always delete them in any project that doesn't need them) Create any page structures you want to have pre-existing (I have a "news" section, and a "selects" section for Page Reference options) Export your site profile Then when you are creating a new project you just copy the profile folder to the root before installing PW and select it during the install process. I keep my starting profile on localhost and update/re-export it from time to time with the latest module upgrades and any new tricks and tweaks I have learned.

Well, things look ok to me, I can access the site fine. It appears there's no problem with your .htaccess after all as you said ProCache already edited it. Maybe it's a cache from your browser.

Hi! Sorry for my late answer, I had been busy and couldn't mess around with PW any further. However, setting the sql_mode to "" in my mysql configuration worked! Thank you (and all other people who responded).

I removed the date field label some days ago (@see Github issue). I didn't know that ProcessWire provides a way to skip the label. It's added to the develop branch, so it'll published with the next release!

@szabesz, I will let @justb3a address this. But it won't affect the functionality, only the w3 validation.

Thank you @Zeka. Perfect answer, with code reference! I am getting more familiar with the code slowly.

I'm not knocking sendgrid, or any other email service. After working in the adult industry (I know, don't judge me. I was young and needed the money ), I am not too fond of services that want a 'contacts list' stored at their site. You may want to consider gmail, or the like, for sending small quantities of emails. If you need an email company domain, eg, yourname@yourdomain.com, then they will provide that for a small monthly fee, usually $5 or so. I have never exceeded gmail's limit, and it is far better than trying to run your own email server. Also, the majority of my applications require subscribers to use their company email address. I have the company create a site admin email address on behalf of the application, which eliminates the need for any third-party solutions. If you need the capacity of those email services, then by all means use them. They handle that particular need well. Just be cautious of how they treat your contacts, if they require it. Another possibility is to move to a VPS hosting account that has an email feature. That way you are the only user that they audit to affect any email limitations.

Thanks, I will check that ! I try to put some log in the module and I was able to have a more detailed error message, I think "554 5.7.1 <---->: Recipient address rejected: You have exceeded the limit of 400 messages per hour and per IP address. Please, re-try later." What I don't understand is how that can be, never 400 messages are send via the website, and not 20 per hour to. Oo If I wait like 30 seconds, it's ok again. And the emails are good, the clients can send emails directly without problems. Knowing it's a shared hosting, is it possible that other peoples on the server are blocking everyone ?

Check this out: http://docs.mailpoet.com/article/49-lists-of-hosts-and-their-sending-limits For OVH: Most likely because of bounces, your site is unable to send emails. A couple of things you can do: 1. Contact OVH and ask them to give you some idea of what your email's standing is. 2. Use a service like Sendgrid (sendgrid.com) as an off-site SMTP delivery service. If I remember correctly, Sendgrid is free up to 12,000 emails a day. Hope this helps!

I asked you to check because you could have developed your own modules and maybe there was a culprit there. Those you listed are ok! The memory usage log you have doesn't show which all the processes names running, so it won't help much. Are you using Apache and is it serving a lot of static resources (CSS/images/videos etc)? Apache can use a lot of RAM in some cases compared to Nginx. But your ProCache settings seems correct. I agreed with @szabesz, ProfilePro and Ryan could help you a lot! The other possibility is to ask your helpdesk to install a better monitoring tool like NewRelic. It helped me a lot on a Wordpress site in the past.

@Robin S, Care to share your site profile? Did you modify the default site profile for installation? How did you do that? I would be interested in creating a 'pre-configured' 'blank slate' so to speak.

@Brian Scramlin I have not completely read this thread, but do you have ProDevTools? Considering this: "VIP Support When you purchase ProDevTools, you are purchasing full access to the VIP ProDevTools member area. This is where downloads and upgrades for products are made available, and where VIP support is provided directly by ProcessWire's lead developer, Ryan. This is particularly useful with the ProfilerPro service, and Ryan is there to help you optimize your site and resolve bottlenecks discovered with ProfilerPro. It's also useful with the API Explorer module, as it will likely open up a new world of things you can do with ProcessWire, and we'll be there to help you learn and answer questions as they come up." This offer might be the one you need now.

Ok so I managed to get the result that I was searching for! This is what I did: In site/ready.php file I added this snippet: wire()->addHookBefore('Page::loaded', function(HookEvent $event) { // Get the object the event occurred on, if needed $page = $event->object; if($page->template->name == "admin" && wire('user')->id === wire('config')->guestUserPageID){ wire('session')->redirect(wire('pages')->get('/')->httpUrl); } }); I'm not sure if it is the best way to do that, but I was unable to find a way through sessions so desided to try another approach! For me it does exactly what I needed because the website I'm working on has frontend login where you can navigate to page edit according to your permissions, so the admin login page is not necessary. Well at least that's what client wanted! Anyway thanks guys for help!

New tutorial up on Tuts+ of little tit bits to help processwire devs. https://webdesign.tutsplus.com/tutorials/processwire-tricks-and-tips--cms-28613

I did another quick module, which plugs something I always kinda missed in ProcessWire. It's just a raw overview over the access management from the templates. Nothing fancy, but useful. The visible roles and the visibility of system templats can be setup in the modules settings. I'll add this to the modules directory later. But for now it would be great to hear if anyone is missing anything or if someone does have a better idea how to name the module. 12.03.15: Renamed the module and fixed wrong information for superusers and inherited rights from the required guest role. GitHub: https://github.com/LostKobrakai/ProcessAccessOverview

Thanks for the report @Robin S! However, we are missing them, aren't we? Anyway, this module with extended features to support permission overrides per template would be a great addition to the core modules.

This is just terminology, do not meditate too much on it eg.: WordPress: custom post types, Drupal: node. Surely, there are more like these out there... Each must have its history behind it.

Something like this?

if ($page->directors && $page->directors->count())

I'm using pw for a web app as well. I'm not PHP expert just a self-taught programmer learn from copy and paste What I did wrong for the first dev with pw I was not using pencil and paper to design the process first ... So just for sharing to your question: Page in PW is not just a content; I use PW front-end as a database form to process certain action. Each process will refer to the user's role Create the template to accommodate that process and setup user's access right for each template. No need to create a file template if it's not a content template. Finally, configure the access right on the field level. But be careful here, to write down in detail in your documentation, or just use hook for that purpose.

header("Status: 401", true, 401);

I use this format: If form submitted { if CSRF is valid { // process form data } else { session redirect 401 } } // render form The reason I use this order is, First, I make sure the form was submitted. If it was not, then render the form. Second, I validate CSRF. If it passes, then process form data. // No sense processing form data if invalid. Lastly, if CSRF fails, I redirect to 401.

It helps the community if people share the solutions to their problems Could you please post back with what you found? Thanks.

fixed

At our site we use both email and phone authorizations at frontend. To make life easier, I've developed HelperPhone pack that handles phone numbers. This pack includes following modules for ProcessWire CMS/CMF: FieldtypePhoneNumber: module that stores phone numbers InputfieldPhoneNumber: module that renders inputfield for phone numbers HelperPhone: module that loads PhoneNumber and PhoneNumberConst classes, and 'libphonenumber' namespace All these modules require included PW WireData-derived class PhoneNumber and PhoneNumberConst. PhoneNumber class is a thin wrapper over giggsey/libphonenumber-for-php, itself is port of Google's libphonenumber. PhoneNumberConst class stores constants, used by PhoneNumber class Usage: PhoneNumber class $phone = '8 (916) 318-07-29 ext 1234'; // input string could be in any phone-recognizable format $phoneNumber = new PhoneNumber($phone, 'RU'); // or wire('modules')->get('HelperPhone')->makePhoneNumber($phone, 'RU'); echo ($phoneNumber->isValidNumber() ? 'Yes':'No'); // Yes echo ($phoneNumber->isValidNumberForRegion($regionCode) ? 'Yes':'No'); // Yes echo $phoneNumber->getNumberTypeTitle(); // Mobile echo $phoneNumber->getCountryCode(); // 7 echo $phoneNumber->getRegionCode(); // RU echo $phoneNumber->getNationalNumber(); // 9163180729 echo $phoneNumber->getExtension(); // 1234 echo $phoneNumber->formatForCallingFrom('US') // 011 7 916 318-07-28 echo $phoneNumber->formatForCallingFrom('GE') // 00 7 916 318-07-28 For more methods and properties please refer to PhoneNumber and PhoneNumberConst source files. Need more? Check giggsey/libphonenumber-for-php and use it by accessing $phoneNumber->phoneNumber property - it is instance of \libphonenumber\PhoneNumber or null (if empty). Usage: field Note: on field creation, make sure that you've configured field settings Default region: assumed region if input phone number string is not in international format (starts with '+', etc) Enabled/disabled phone extentions: if disabled, phone extension will be removed on field save. Phone field settings in example below: default region code 'RU', phone extensions are enabled echo $page->phone; // +79163180729 // Note1: $page->phone stores instance of PhoneNumber and renders to string in E164 format. // Note2: E164 format does not include extension. echo $page->getFormatted('phone'); // +7 916 318-07-29 ext. 1234 echo $page->getUnformatted('phone'); // +79163180729 echo $page->phone->format(PhoneNumberConst::RFC3966); // tel:+7-916-318-07-29;ext=1234 echo $page->phone->getNationalNumber(); // 9163180729 Usage: PW selectors FieldtypePhoneNumber is instance of FieldtypeText. It stores phone numbers and extensions as string in E164 format with #extention (if provided by user and enabled in settings) E.g. in db it looks like this: '+79163180729#1234'. This makes it easy to query fields as any text field. echo $pages->find([ 'template' => 'my_temlate', 'phone^=' => '+79163180729', ]); // will echo page ids where phone starts with '+79163180729' Finally I've decided to put it here first and later to Modules directory (based on your feedbacks). GitHub: https://github.com/valieand/HelperPhone Enjoy

1. Processwire default installation uses MyISAM as the engine which has the disadvantage of locking the entire table during a write operation. This can cause bottleneck issues in some cases. But if you are running a up-to-date MySQL version, you can change it to InnoDB to have better performance. BUT I cannot say that it will solve the problem just by doing this. Which version are you using? 1.1. And which PW version? 2. It can help to use MariaDB instead of MySQL as they say it uses less RAM, but moving the database to a second VPS will improve a lot. 3. Procache should help A LOT on the performance, as it bypasses PHP and MySQL altogether unless you're not using it right. Are the users logging in for instance? 4. Just of curiosity, why are you using a custom image processing and not PW built-in methods?

Suppressing errors is a bad idea. Having "Integrity constraint violation" means something is trying to insert data with a key, which is already present in the database. Worst case scenario: You loose data because of it not being in a saveable state. This should be fixed and not be put aside (even it it's really a core issue and not one with your code).

While a relatively quiet week due to travel, the 3.0.62 version has been merged from dev to master, plus a few other small updates in this week's blog post: https://processwire.com/blog/posts/pw-3.0.62-master/

It looks to me like there is a typo in the core code that means the Wire::changed method is never called. See here... if(($hooks && $hooks->isHooked('changed')) || !$hooks) { But the phpDoc comments for WireHooks::isHooked say... * If checking for a hooked method, it should be in the form `Class::method()` or `method()` (with parenthesis). So it should have been... if(($hooks && $hooks->isHooked('changed()')) || !$hooks) { ...and if you change to that then the hook starts firing. @gebeer, will you open a GitHub issue for this?

If you do not assign a title the autogenerated ID (Inputfield) will be taken. $inputfields->attr('title', 'Weird name'); To put the Inputfields (Tabs) in the right order you could use InputfieldWrapper::insertBefore() or InputfieldWrapper::insertAfter() instead of InputfieldWrapper::add(). Unfortunately this doesn't work in case of ProcessPageEdit. To get it working you need to add another hook to ProcessPageEdit::getTabs() The following code snippet should work. Place it in your /site/ready.php wire()->addHookAfter('ProcessPageEdit::buildForm', function ($event) { $page = $event->object->getPage(); if ($page->template == "bewerbung") { $form = $event->return; $inputfields = new InputfieldWrapper(); $inputfields->attr('title', 'Weird Name'); $inputfields->attr('name+id', 'WeirdTabNameAndId'); // we need both unique ID and Name $markup = wire()->modules->get('InputfieldMarkup'); $markup->label = 'Custom Lable'; $markup->value = '<p>Just a placeholder for any custom markup</p>'; $inputfields->add($markup); $pageEditTab = $form->find('id=ProcessPageEditContent')->first(); $form->insertAfter($inputfields, $pageEditTab); // inserting in the right place is not enough to set the tab order // we need the following hook wire()->addHookAfter('ProcessPageEdit::getTabs', function ($event) { $event->return = array_merge( array_slice($event->return, 0, 1, true), array('WeirdTabNameAndId' => __('Weird Name')), // should be identical to the weird name/title above array_slice($event->return, 1, null, true) ); }); $event->return = $form; } });

Hi, This is a complete server configuration block for NGiNX communicating with php-fpm. There are a few things that will require customisation: server_name root access_log and error_log fastcgi_pass - socket or TCP specification configuration blocks relating to 40x and 50x error handling Note the use of fastcgi_param HTTP_MOD_REWRITE On; which quiets an installer error about requiring mod_rewrite. You might also want to copy htaccess.txt to .htaccess in the ProcessWire top-level directory. server { listen 80 default_server; server_name localhost localhost.localdomain; index index.php index.html; root /var/www/html; access_log /var/log/nginx/access.log main; error_log /var/log/nginx/error.log notice; default_type application/x-php; ### SECURITY - Protect crucial files location ~ /\. { deny all; } location ~ /(COPYRIGHT|LICENSE|README|htaccess)\.txt { deny all; } location ~ ^/site(-[^/]+)?/assets/(.*\.php|backups|cache|config|install|logs|sessions) { deny all; } location ~ ^/site(-[^/]+)?/install { deny all; } location ~ ^/(site(-[^/]+)?|wire)/(config(-dev)?|index\.config)\.php { deny all; } location ~ ^/((site(-[^/]+)?|wire)/modules|wire/core)/.*\.(inc|module|php|tpl) { deny all; } location ~ ^/(site(-[^/]+)?|wire)/templates(-admin)?/.*\.(inc|html?|php|tpl) { deny all; } ### GLOBAL REWRITE location / { try_files $uri $uri/ /index.php?it=$uri&$args; } # pass the PHP scripts to FastCGI server on local socket # location ~ .+\.php((/|\?).*)?$ { fastcgi_pass unix:/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_split_path_info ^(.+\.php)(.*)$; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTP_MOD_REWRITE On; include fastcgi_params; } # redirect server error pages to the static page /40x.html # error_page 404 /404.html; location = /40x.html { root /usr/share/nginx/html; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } } In the php-fpm configuration you need to specify unix socket or TCP connection parameters and possibly the chdir setting. These are distribution-dependent values and you will need to determine the correct values for your scenario. My configuration is as follows: ; The address on which to accept FastCGI requests. ; Valid syntaxes are: ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific address on ; a specific port; ; 'port' - to listen on a TCP socket to all addresses on a ; specific port; ; '/path/to/unix/socket' - to listen on a unix socket. ; Note: This value is mandatory. ;listen = 127.0.0.1:9000 listen = /run/php-fpm/php-fpm.sock ; Set permissions for unix socket, if one is used. In Linux, read/write ; permissions must be set in order to allow connections from a web server. Many ; BSD-derived systems allow connections regardless of permissions. ; Default Values: user and group are set as the running user ; mode is set to 0666 listen.owner = nginx listen.group = nginx listen.mode = 0660 ; Chdir to this directory at the start. This value must be an absolute path. ; Default Value: current directory or / when chroot chdir = /var/www/html Please note that I researched these configurations and the preceeding security configuration from original documentation. I did not rely on howtos available on the Internet. Each has been carefully implemented and undergone significant testing before going into production. Regards, Neil Darlow