diff --git a/mods/sample-nginx.config b/mods/sample-nginx.config index 811be404d..2383b6a44 100644 --- a/mods/sample-nginx.config +++ b/mods/sample-nginx.config @@ -25,6 +25,7 @@ # You want all friendica traffic to be https # You have an SSL certificate and key for your subdomain # You have PHP FastCGI Process Manager (php5-fpm) running on localhost +# You have Friendica installed in /mnt/friendica/www ## server { @@ -64,44 +65,45 @@ server { # rewrite to front controller as default rule location / { - rewrite ^/(.*) /index.php?q=$1 last; + rewrite ^/(.*) /index.php?q=$uri&$args last; } - # make sure webfinger isn't blocked by denying dot files - # and rewrite to front controller - location = /.well-known/host-meta { + # make sure webfinger and other well known services aren't blocked + # by denying dot files and rewrite request to the front controller + location ^~ /.well-known/ { allow all; - rewrite ^/(.*) /index.php?q=$1 last; + rewrite ^/(.*) /index.php?q=$uri&$args last; } # statically serve these file types when possible # otherwise fall back to front controller # allow browser to cache them # added .htm for advanced source code editor library - location ~* \.(jpg|jpeg|gif|png|css|js|ico|htm|html)$ { + location ~* \.(jpg|jpeg|gif|png|css|js|htm|html)$ { expires 30d; try_files $uri /index.php?q=$uri&$args; } - # block these file types - location ~* \.(tpl|md|git|tgz|log|out) { + location ~* \.(tpl|md|tgz|log|out)$ { deny all; } # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~* \.php$ { fastcgi_split_path_info ^(.+\.php)(/.+)$; - # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini - # # With php5-cgi alone: + # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini + + # With php5-cgi alone: # fastcgi_pass 127.0.0.1:9000; + # With php5-fpm: fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_index index.php; include fastcgi_params; } - # deny access to all dot files (including .htaccess) + # deny access to all dot files location ~ /\. { deny all; }