Jump to content

Nginx config with error 500


Sten
 Share

Recommended Posts

Hell,

Although I use a config on an other of my sites that works well. An error 500 is driving me nuts.
Coul someone have a look on my config

server {
        listen 80;
        server_name attente.xyz;
        rewrite ^ https://$server_name$request_uri? permanent;
       }

server {
       listen 443 ssl;
        server_name attente.xyz;
      ssl_certificate /etc/letsencrypt/live/krouus.company/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/krouus.company/privkey.pem;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

         # Activer le ciphers et mettre ceux autorisés (je vous laisse faire de plus amples recherches pour ça ;) )
         ssl_prefer_server_ciphers on;
         ssl_ciphers 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256';
 
        ssl_session_cache shared:SSL:10m;
       ssl_session_timeout 10m;
 
         # La fameuse clé générée en dernier
       ssl_dhparam /etc/nginx/dhparam.pem;

         # Ajout d'une règle http
       add_header Strict-Transport-Security "max-age=31536000;";

        root /var/www/attente.xyz/html;
        index index.php index.html index.htm;

        location / {
        #               try_files $uri $uri/ /index.php?it=$uri&$args;
                        try_files $uri /index.php$is_args$args;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_intercept_errors on;
                fastcgi_ignore_client_abort off;
                fastcgi_connect_timeout 60;
                fastcgi_send_timeout 180;
                fastcgi_read_timeout 180;
                fastcgi_buffers 4 256k;
                fastcgi_buffer_size 128k;
                fastcgi_busy_buffers_size 256k;
                fastcgi_temp_file_write_size 256k;
        }
            location ~ \.php$ {
                #try_files $uri =404;
                include snippets/fastcgi-php.conf;
                include /etc/nginx/fastcgi_params;
                fastcgi_pass unix:/run/php/php7.0-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                # .htaccess 10.
                fastcgi_param HTTP_MOD_REWRITE On;
                fastcgi_param X-Real-IP  $remote_addr;
                fastcgi_param X-Forwarded-For $remote_addr;
                fastcgi_param Host $host;
    }
location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf|svg|ttf|eot|woff|less|pdf)$ {
           #expires max;
           log_not_found off;
            ## No need to bleed constant updates. Send the all shebang in one
            ## fell swoop.
            tcp_nodelay off;
            ## Set the OS file cache.
            open_file_cache max=1000 inactive=120s;
            open_file_cache_valid 45s;
            open_file_cache_min_uses 2;
            open_file_cache_errors off;
            valid_referers attente.xyz;
            ##ajout ProcessWire
            expires 24h;
            #log_not_found off;
            access_log off;
            try_files $uri /index.php?it=$uri&$args;

}
# .htaccess 8.1
charset utf-8;

# .htaccess 3.
  location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }

# .htaccess 4.
  # add_header X-Frame-Options SAMEORIGIN always; # Set by ProcessWire core
  add_header X-XSS-Protection "1; mode=block";
  # add_header X-Content-Type-Options "nosniff";

  # -----------------------------------------------------------------------------------------------
  # .htaccess 5.
  # -----------------------------------------------------------------------------------------------

  # Block access to ProcessWire system files
  location ~ \.(inc|info|info\.json|module|sh|sql)$ { deny all; }
  # Block access to composer files
  location ~ composer\.(json|lock)$ { deny all; }
  # Block access to any file or directory that begins with a period (except well-known)
location ~ (^|/)\.(?!well-known)|^\..*$ { deny all; }

  
  # -----------------------------------------------------------------------------------------------
  # .htaccess 15.
  # -----------------------------------------------------------------------------------------------

  # Block access to protected assets directories
  location ~ ^/(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) { deny all; }
  # Block acceess to the /site/install/ directory
  location ~ ^/(site|site-[^/]+)/install($|/.*$) { deny all; }
  # Block dirs in /site/assets/ dirs that start with a hyphen
  location ~ ^/(site|site-[^/]+)/assets.*/-.+/.* { deny all; }
  # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php
  location ~ ^/(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ { deny all; }
  # Block access to any PHP-based files in /templates-admin/
  location ~ ^/(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ { deny all; }
  # Block access to any PHP or markup files in /site/templates/
  location ~ ^/(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ { deny all; }
  # Block access to any PHP files in /site/assets/
  location ~ ^/(site|site-[^/]+)/assets($|/|/.*\.php)$ { deny all; }
  # Block access to any PHP files in core or core module directories
  location ~ ^/wire/(core|modules)/.*\.(php|inc|tpl|module)$ { deny all; }
  # Block access to any PHP files in /site/modules/
  location ~ ^/(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module)$ { deny all; }
  # Block access to any software identifying txt files
  location ~ ^/(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md)$ { deny all; }
  # Block all http access to the default/uninstalled site-default directory
location ~ ^/site-default/ { deny all; }
}


Thank you for any hunch.

Link to comment
Share on other sites

Hi, Sten.

I think you too complicated your config.

try this sections:

Quote

location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass 127.0.0.1:9000;
    }

   ### GLOBAL REWRITE
    location / {
        try_files  $uri  $uri/  /index.php?it=$uri&$args;
    }

I use tcp connection rathe then socket. Because it  more easy.  (in /etc/php/7.x/fpm/pool.d/www.conf needed entry listen = 127.0.0.1:9000 )

Link to comment
Share on other sites

 Share

×
×
  • Create New...