Jump to content
adrianmak

Nginx reverse proxy cache to work with processwire

Recommended Posts

Story:

https://processwire.com/talk/topic/9250-what-should-i-do-to-make-pw-to-work-with-a-reverse-proxy-cache/

After a few days of reading documentation, I got processwire to work with nginx reverse proxy cache.
This is not a tutorial on how to install server software. A working nginx config copy will be posted on next reply.
 

Ubuntu 14.04.1 x64

Nginx 1.4.6

apache 2.4.7

mysql 5.6.19

php 5.6.6 (php5-fpm)

A new copy of content will be fetched instantly.

A screencast of this demo

  • Like 2

Share this post


Link to post
Share on other sites

nginx.conf

user www-data;
worker_processes 4;
pid /run/nginx.pid;

events {
        worker_connections 768;
        # multi_accept on;
}

http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        include /etc/nginx/cache.conf;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_disable "msie6";

        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 2;

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

cache.conf

proxy_cache_path /etc/nginx/cache levels=1:2 keys_zone=one:100m
           inactive=60m
           loader_threshold=300
           loader_files=200
           max_size=200m;
proxy_cache_key "$scheme$proxy_host$uri$is_args$args";

/etc/nginx/sites-available/default

server {
        listen 80 default_server;

        proxy_cache one;
        add_header X-Cache-Status $upstream_cache_status;
        proxy_cache_valid any 1m;
        proxy_cache_min_uses 3;
        proxy_ignore_headers Set-Cookie;
        proxy_ignore_headers "Cache-Control" "Expires";

        root /var/www/html;
        index index.php index.html index.htm;

        server_name dev.local.net;

        location / {
                try_files $uri $uri/ /index.php?it=$uri&$args;
        }

        location ~ \.php$ {
                proxy_pass http://127.0.0.1:8080;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
        }

        location ~ /\. {
                deny all;
        }
}

A modified basic-page.php of pw installation profile

<?php
$lastModified=($page->last_modified);
$etag = md5($page->body);
$ifModifiedSince=(isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) ? $_SERVER['HTTP_IF_MODIFIED_S
INCE'] : false);
$etagHeader=(isset($_SERVER['HTTP_IF_NONE_MATCH']) ? trim($_SERVER['HTTP_IF_NONE_MATCH'])
: false);

header("Last-Modified: ".gmdate("D, d M Y H:i:s", $lastModified)." GMT");
header("Etag: $etag");
header('Cache-Control: public');

//check if page has changed. If not, send 304 and exit
if ((@strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])===$lastModified) || $etagHeader == $et
ag) {
       header("HTTP/1.1 304 Not Modified");
       exit;
}

//$content = "This is a demo";
// basic-page.php template file

// Primary content is the page's body copy
$content = $page->body;
//$content .= $etag;

// If the page has children, then render navigation to them under the body.
// See the _func.php for the renderNav example function.

if($page->hasChildren) $content .= renderNav($page->children, 0, 'summary');

// if the rootParent (section) page has more than 1 child, then render
// section navigation in the sidebar

if($page->rootParent->hasChildren > 1) {
        $sidebar = renderNav($page->rootParent, 3) . $page->sidebar;
}
  • Like 2

Share this post


Link to post
Share on other sites

Probably the above configuration is a basic, you may adjust some of the values regarding proxy cache directives.

Share this post


Link to post
Share on other sites

That is very interesting work you did there. I love to see processwire together with nginx.

What hosting company are you using ?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Similar Content

    • By anttila
      I have a new server and wanted to use nginx. However, I have two ProcessWire websites which does not let me do anything. I'll get this error every time when I try to change something and sometimes when logging in. Deleted all caches already from ProcessWire and browser. This also happens after installing new ProcessWire and all directories were owned by www-data.
      I also have two working websites without any problems and all these four uses same kind of setting on nginx config. I don't understand why some of those working fine and some not.
      Running Debian 10, MariaDB 10.3.22, PHP 7.4, nginx 1.14.2
      This request was aborted because it appears to be forged. #0 /sites/clients/clientname/wire/modules/Process/ProcessPageTrash.module(49): ProcessWire\SessionCSRF->validate() #1 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessPageTrash->___execute() #2 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #3 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #4 /sites/clients/clientname/wire/core/ProcessController.php(337): ProcessWire\Wire->__call() #5 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\ProcessController->___execute() #6 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #7 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #8 /sites/clients/clientname/wire/core/admin.php(150): ProcessWire\Wire->__call() #9 /sites/clients/clientname/wire/modules/AdminTheme/AdminThemeDefault/controller.php(13): require('/sites/clients/...') #10 /sites/clients/clientname/site/templates/admin.php(15): require('/sites/clients/...') #11 /sites/clients/clientname/wire/core/TemplateFile.php(318): require('/sites/clients/...') #12 /sites/clients/clientname/wire/core/Wire.php(380): ProcessWire\TemplateFile->___render() #13 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #14 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #15 /sites/clients/clientname/wire/modules/PageRender.module(536): ProcessWire\Wire->__call() #16 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\PageRender->___renderPage() #17 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #18 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #19 /sites/clients/clientname/wire/core/WireHooks.php(924): ProcessWire\Wire->__call() #20 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #21 /sites/clients/clientname/wire/modules/Process/ProcessPageView.module(213): ProcessWire\Wire->__call() #22 /sites/clients/clientname/wire/core/Wire.php(383): ProcessWire\ProcessPageView->___execute() #23 /sites/clients/clientname/wire/core/WireHooks.php(823): ProcessWire\Wire->_callMethod() #24 /sites/clients/clientname/wire/core/Wire.php(450): ProcessWire\WireHooks->runHooks() #25 /sites/clients/clientname/index.php(55): ProcessWire\Wire->__call() #26 {main}  
    • By Sten
      Hell,
      Although I use a config on an other of my sites that works well. An error 500 is driving me nuts.
      Coul someone have a look on my config
      server { listen 80; server_name attente.xyz; rewrite ^ https://$server_name$request_uri? permanent; } server { listen 443 ssl; server_name attente.xyz; ssl_certificate /etc/letsencrypt/live/krouus.company/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/krouus.company/privkey.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Activer le ciphers et mettre ceux autorisés (je vous laisse faire de plus amples recherches pour ça ;) ) ssl_prefer_server_ciphers on; ssl_ciphers 'DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-CAMELLIA256-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-CAMELLIA128-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256'; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; # La fameuse clé générée en dernier ssl_dhparam /etc/nginx/dhparam.pem; # Ajout d'une règle http add_header Strict-Transport-Security "max-age=31536000;"; root /var/www/attente.xyz/html; index index.php index.html index.htm; location / { # try_files $uri $uri/ /index.php?it=$uri&$args; try_files $uri /index.php$is_args$args; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_intercept_errors on; fastcgi_ignore_client_abort off; fastcgi_connect_timeout 60; fastcgi_send_timeout 180; fastcgi_read_timeout 180; fastcgi_buffers 4 256k; fastcgi_buffer_size 128k; fastcgi_busy_buffers_size 256k; fastcgi_temp_file_write_size 256k; } location ~ \.php$ { #try_files $uri =404; include snippets/fastcgi-php.conf; include /etc/nginx/fastcgi_params; fastcgi_pass unix:/run/php/php7.0-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # .htaccess 10. fastcgi_param HTTP_MOD_REWRITE On; fastcgi_param X-Real-IP $remote_addr; fastcgi_param X-Forwarded-For $remote_addr; fastcgi_param Host $host; } location ~* \.(?:css|gif|htc|ico|js|jpe?g|png|swf|svg|ttf|eot|woff|less|pdf)$ { #expires max; log_not_found off; ## No need to bleed constant updates. Send the all shebang in one ## fell swoop. tcp_nodelay off; ## Set the OS file cache. open_file_cache max=1000 inactive=120s; open_file_cache_valid 45s; open_file_cache_min_uses 2; open_file_cache_errors off; valid_referers attente.xyz; ##ajout ProcessWire expires 24h; #log_not_found off; access_log off; try_files $uri /index.php?it=$uri&$args; } # .htaccess 8.1 charset utf-8; # .htaccess 3. location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { log_not_found off; access_log off; } # .htaccess 4. # add_header X-Frame-Options SAMEORIGIN always; # Set by ProcessWire core add_header X-XSS-Protection "1; mode=block"; # add_header X-Content-Type-Options "nosniff"; # ----------------------------------------------------------------------------------------------- # .htaccess 5. # ----------------------------------------------------------------------------------------------- # Block access to ProcessWire system files location ~ \.(inc|info|info\.json|module|sh|sql)$ { deny all; } # Block access to composer files location ~ composer\.(json|lock)$ { deny all; } # Block access to any file or directory that begins with a period (except well-known) location ~ (^|/)\.(?!well-known)|^\..*$ { deny all; } # ----------------------------------------------------------------------------------------------- # .htaccess 15. # ----------------------------------------------------------------------------------------------- # Block access to protected assets directories location ~ ^/(site|site-[^/]+)/assets/(cache|logs|backups|sessions|config|install|tmp)($|/.*$) { deny all; } # Block acceess to the /site/install/ directory location ~ ^/(site|site-[^/]+)/install($|/.*$) { deny all; } # Block dirs in /site/assets/ dirs that start with a hyphen location ~ ^/(site|site-[^/]+)/assets.*/-.+/.* { deny all; } # Block access to /wire/config.php, /site/config.php, /site/config-dev.php, and /wire/index.config.php location ~ ^/(wire|site|site-[^/]+)/(config|index\.config|config-dev)\.php$ { deny all; } # Block access to any PHP-based files in /templates-admin/ location ~ ^/(wire|site|site-[^/]+)/templates-admin($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP or markup files in /site/templates/ location ~ ^/(site|site-[^/]+)/templates($|/|/.*\.(php|html?|tpl|inc))$ { deny all; } # Block access to any PHP files in /site/assets/ location ~ ^/(site|site-[^/]+)/assets($|/|/.*\.php)$ { deny all; } # Block access to any PHP files in core or core module directories location ~ ^/wire/(core|modules)/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any PHP files in /site/modules/ location ~ ^/(site|site-[^/]+)/modules/.*\.(php|inc|tpl|module)$ { deny all; } # Block access to any software identifying txt files location ~ ^/(COPYRIGHT|INSTALL|README|htaccess)\.(txt|md)$ { deny all; } # Block all http access to the default/uninstalled site-default directory location ~ ^/site-default/ { deny all; } }
      Thank you for any hunch.
    • By gonzz
      Hi i'm having a recurrent problem I found on this forum: when using the image uploader I get the following error on console "Unexpected token < in JSON". But I couldn't solve it with any of the other proposed solutions:
      setting debug to true setting $config->uploadTmpDir = dirname(__FILE__) . '/assets/uploads/'; setting uploadTmpDir in php.ini  
      BUT This problem only appears for non superuser users (ie editors).
      Running on a Digitial Ocean Server with NGINX and PHP 7.1. Version is ProcessWire 3.0.62
      Note: Im using Fredi plugin, but i doubt that's the problem because I'm using it in other sites with no problem
       
      Any idea how i could solve this (even with non ajax image upload) I need to sort this as fast and simple as possible
      Thanks in advance
    • By taoguang
      Now I add a PW on my domain. It runs OK.
      Then I have a second demo PW running under /demo/ subdirectory.
      and adding these code to nginx rewrite:
      location /demo/ { try_files $uri $uri/ /demo/index.php?it=$uri&$args; } Then I access the subdirectory's homepage(/demo/) is OK, other page return a 404 error.
      But I replaced the other cms to /demo/, It's really OK. Why?
      How to fix these errors?
    • By RyanJ
      Hello!
      Looking for a bit of advice or suggestions here. I don't claim to be a nginx expert, but I have PW version 3.0.62 powering an app running on a cloud server with nginx. Everything operates fine for the most part, but from time to time I am getting a network error message when trying to navigate in the admin or just a plain ole 500 error. Specifically when logging in initially and trying to view the page tree. A pop up window appears with the network error message (I will grab a screen shot next time I see it). Also when navigating through the admin I get random 500 errors. 
      php 5.6.x
      nginx
      cloud hosting service
      A couple of corresponding logs below.
      Error log in pw admin:
      Error: Cannot instantiate abstract class ProcessWire\ProcessPageListRender (line 331 of /xxx/xxx/xxx/wire/modules/Process/ProcessPageList/ProcessPageList.module)
      Nginx Error log:
      017/05/12 10:11:47 [error] 7305#0: *14305329 readv() failed (104: Connection reset by peer) while reading upstream, client: xx.xxx.xxx.xxx, server: theserver, request: "GET /login/page/ HTTP/1.1", upstream: "fastcgi://unix:/xxxxx/dev/.php-fpm.socket:", host: "thehost", referrer: "http://domain/login/setup/logs/view/errors/"
      017/06/21 14:15:29 [error] 29093#0: *106631997 readv() failed (104: Connection reset by peer) while reading upstream, client: xx.xxx.xxx.xxx, server: server, request: "GET /login/page/edit/?id=1489 HTTP/1.1", upstream: "fastcgi://unix:/xxxxx/dev/.php-fpm.socket:", host: "thehost", referrer: "http://domain/login/page/"
      Thanks for your time.
×
×
  • Create New...