nginx location directive

1. okay.. I saved htpasswd file in /etc/nginx/ folder, made the necessary changes to nginx.conf. Now when I access admincp/ and give the correct password, index.php prompts to download.

Hello,

Here is my configuration file working as expected:

Code:

server {
	listen   80;
	server_name  example.com;
	rewrite ^/(.*) http://www.example.com/$1 permanent;
}

sserver {
	listen   80;
	server_name www.example.com;

	access_log /home/public_html/example.com/logs/access.log;
	error_log /home/public_html/example.com/logs/error.log;

	root   /home/public_html/example.com/public/;
	index  index.html index.php;
	error_page  404  /404.php;

	client_max_body_size 32M;
	client_body_buffer_size 128k;

	# Serve static files directly and expire header
	location ~ /forum/(images/|clientscript/).* {
		access_log        off;
		expires           30d;
	}

	# Protect vBulletin & vBSeo
	location ~ /forum/(admincp/|modcp/|vbseocp\.php).* {
		fastcgi_pass    127.0.0.1:9000;
		fastcgi_index   index.php;
		fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include         fastcgi_params;

		auth_basic            "Restricted";
		auth_basic_user_file  htpasswd;
	}

	# vBSeo - Start
	location /forum/ {

		rewrite ^/forum/((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$ /forum/vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 last;

		if (!-e $request_filename) {
			rewrite ^(/forum/.*)$ /forum/vbseo.php last;
		}
	}

	if ($request_filename ~ "\.php$" ) {
		rewrite  ^(.*(admincp/|modcp/|vbseocp\.php).*) $1 last;
		rewrite ^(/forum/.*)$ /forum/vbseo.php last;
	}
	# vBSeo - End

	# FastCGI
	location ~ \.php$ {
		fastcgi_pass    127.0.0.1:9000;
		fastcgi_index   index.php;
		fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include         fastcgi_params;
	}
}

Hi,

Just updated with a small correction.

Thank you.

I got password protect working. The problem was nothing but just the order. I was also facing the problem of images/css/js 404 (with vbseo enabled and when stored in filesystem) since 2 days, but not anymore.

Now yours need some cleanup.

Code:

# Protect vBulletin & vBSeo
	location ~ /forum/(admincp/|modcp/|vbseocp\.php).* {
		fastcgi_pass    127.0.0.1:9000;
		fastcgi_index   index.php;
		fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
		include         fastcgi_params;

		auth_basic            "Restricted";
		auth_basic_user_file  htpasswd;
}

Why have you added the 4 fastcgi lines in the above code, when its already being defined! Remove it, and follow this order:-

# Serve Static Files (Its working good for me without it, can you explain its significance please?)

# FastCGI

# Password Protect (Remove those 4 fastcgi lines and also protect includes/ and install/ folders, its good for security.)

# vBSEO Rules (The default rules in nginx.txt work perfect for me)

Hi,

# Serve Static Files

I use this to tell browsers/proxys that images (png,gif,jpg) & clientscript (css, js) expires 30 days from now.
There is an alternative to expire files by extension, but if you have albums with rewritten images, this will fail.
I also don't need to log js, css and images.

The 4 FastCGI lines inside the protected area is used because without it I get a download window like you.

I think you have 3 problems with you configuration:

- vbsecp.php is not protected
- admincp/index.php not protected (nginx location directive)
- When someone goes to "my-topic-url-1234-new/" you get showthread.php?p=4321#post4321

Please test and tell me.

Thanks for pointing those out. I do have those three problems. Here's what I had figured out till now. If you could please review these, nfn.

Here are some notes for troubleshooting (my forums are in root):

1. vbseocp.php and admincp/index.php

Problem : Above files not protected:-

Solution :

- The Password Protect rules should be above FastCGI Rules.
- Need to add the following in vBSEO Rules

Code:

if ($request_filename ~ "\.php$" ) {
    rewrite ^(.*(admincp/|modcp/|includes/|install/|vbseocp\.php).*) $1 last;
    rewrite ^(/.*)$ /vbseo.php last;
}

Problem : Now on correct login, the files prompt to download:-

Solution :

- So now when we can see all folders/files protected. But on correct login, a download file window appears. To rectify this issue, we need to add 4 lines to password rules from FastCGI Rules.

Code:

# Password Protect important Directories
    location ~ /(admincp/|modcp/|includes/|install/|vbseocp\.php) {
         fastcgi_pass   127.0.0.1:9000;
         fastcgi_index  index.php;
         fastcgi_param  SCRIPT_FILENAME  /home/username/public_html$fastcgi_script_name;
         include        fastcgi_params;

                auth_basic             "Restricted";
                auth_basic_user_file   /home/username/.htpasswd/passwd;
                access_log             /home/username/logs/admin.log  main;
}

2. When someone goes to "my-topic-url-1234-new/" you get showthread.php?p=4321#post4321

Solution :

- For the above problem, the default vBSEO rules need to edited to this:

Code:

rewrite ^/((urllist|sitemap_).*\.(xml|txt)(\.gz)?)$ /vbseo_sitemap/vbseo_getsitemap.php?sitemap=$1 last;

   if (!-e $request_filename) {
        rewrite ^/(.*)$ /vbseo.php last;
        }
   }

   if ($request_filename ~ "\.php$" ) {
        rewrite ^(.*(admincp/|modcp/|includes/|install/|vbseocp\.php).*) $1 last;
        rewrite ^/(.*)$ /vbseo.php last;
   }

Note the changes in closing of brackets. The vbseo rules are in two parts now.

nfn, I notice that you have edited ^/(.*) to ^(/.*). Both are working okay for me, does not make a difference. Can you tell why was it needed for you?

3. Album images, when stored in filesystem, give a 404.

Solution :

- Your solution works good nfn. As you said, just need to edit the Static files rule to:

Code:

location ~ /(images/|clientscript/).* {
      access_log      off;
      expires         30d;
}

Can there be a better solution for this? as I would like to do it by extension.

I seriously think, vBSEO team needs to test the software with nginx and provide us complete and perfect solution of the problems that we had been facing. I had wasted a lot of time in getting vbseo work as desired wih nginx. Please check the albums (when stored in files) and other issues as stated above.

nginx has become popular now, and many are moving to it. Not everybody has enough patience to handle these problems. So, please look into it.

thanks

Hi,

The configuration I posted above works very well and I was helped by Oleg.

nginx is a very weird animal . We can do a lot using regular expression, but I prefer apache syntax, that's why I move to apache few weeks ago, but then I start having memory problems and to get a stable system I need to have more Ram.

The workaround was, switch back to nginx

To expire content using the extension you can use:

Code:

location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico)$ {
    access_log        off;
    expires           30d;
}

But with this you have 404 errors with albums.
The problem is that nginx should use "content type" to let us do this, and I think that this is not possible at this time.

Posted by Igor Sysoev (Guest) on 18.08.2008 07:28
On Mon, Aug 18, 2008 at 12:37:40PM +0800, Delta Yeh wrote:

> So the only question remained is : Is it possible to set Expire
> header according to the response Content-Type in nginx?

No. Use the following configuraiton:

location / {
proxy_pass http://upstream;
proxy_redirect default;
}

location *~ \.(css|jpg|jpeg|gif)$ {
proxy_pass http://upstream;
expires max;
}

http://www.ruby-forum.com/topic/162837#715992

The configuration I posted above works very well and I was helped by Oleg.

Yor configuration is working very well with me too. I never said that its not working.

When someone goes to "my-topic-url-1234-new/" you get showthread.php?p=4321#post4321

What about this problem? Does it have to do something with "content-type" too? We both had to make that change in vbseo rules in order to get it working right! So, i guess the default rules in nginx.txt aren't perfect. Will that change be made official?

For the albums problem, why is it happening only with albums and with only vbseo album rewrites enabled? Many times we also keep some static files in root and at locations other than images/ and clientscript/. So its better to expire content using extension i think.

thanks

Originally Posted by webwizzy

What about this problem? Does it have to do something with "content-type" too? We both had to make that change in vbseo rules in order to get it working right! So, i guess the default rules in nginx.txt aren't perfect. Will that change be made official?

I think the default rules won't work as expected, since we need to place some of the code outside the location directive.
Oleg can give some official explanation.

Originally Posted by webwizzy

For the albums problem, why is it happening only with albums and with only vbseo album rewrites enabled? Many times we also keep some static files in root and at locations other than images/ and clientscript/. So its better to expire content using extension i think.

Because albums images file name are rewritten to myfilename.jpg and intercepted with vbseo.php, not served directly.
I would like to expire by content too, but that's not possible, as said by Igor Sysoev, the main nginx developer.