(2015-05-20, 02:56 PM)blindpet Wrote: [ -> ] (2015-05-20, 01:53 PM)martec Wrote: [ -> ] (2015-05-20, 01:35 PM)blindpet Wrote: [ -> ]I was thinking that but I am behind CloudFlare and only have a limited number of additional records (CNAME) I can add to it before I have to pay. It may also be an issue since I want to use https and the cheap certificates (I am told) don't support subdomains. As a last resort, I may do this but would prefer to avoid it, do you have a configuration working for the subdomain you can share?
https://gist.githubusercontent.com/marte...tfile1.txt
i using this in my forum
Ps. Change listen 8080; to listen 80; i forgot to change this for you. I using 8080 because of varnish-cache.
Ps2. subdomain is A records and not Cnames records
Thank you very much! I actually use Varnish too so this is great, could you share your vcl rules for mybb too? Are you using Varnish 3 or 4?
Are you running Wordpress on the same server?
CloudFlare did seem to let me add another A record for forum so my next concern is SSL. The stubborn part of me really wants to make this /forum location work but I'm very happy the subdomain solution was proposed.
I use joomla, but in separated VPS server.
my vcl rules something below.
https://gist.githubusercontent.com/marte...tfile1.txt
(2015-05-20, 03:21 PM)martec Wrote: [ -> ] (2015-05-20, 02:56 PM)blindpet Wrote: [ -> ] (2015-05-20, 01:53 PM)martec Wrote: [ -> ] (2015-05-20, 01:35 PM)blindpet Wrote: [ -> ]I was thinking that but I am behind CloudFlare and only have a limited number of additional records (CNAME) I can add to it before I have to pay. It may also be an issue since I want to use https and the cheap certificates (I am told) don't support subdomains. As a last resort, I may do this but would prefer to avoid it, do you have a configuration working for the subdomain you can share?
https://gist.githubusercontent.com/marte...tfile1.txt
i using this in my forum
Ps. Change listen 8080; to listen 80; i forgot to change this for you. I using 8080 because of varnish-cache.
Ps2. subdomain is A records and not Cnames records
Thank you very much! I actually use Varnish too so this is great, could you share your vcl rules for mybb too? Are you using Varnish 3 or 4?
Are you running Wordpress on the same server?
CloudFlare did seem to let me add another A record for forum so my next concern is SSL. The stubborn part of me really wants to make this /forum location work but I'm very happy the subdomain solution was proposed.
I use joomla, but in separated VPS server.
my vcl rules something below.
https://gist.githubusercontent.com/marte...tfile1.txt
Excellent, thanks again. Were you using Varnish 3 or 4? I've been concerned about varnish because I feel a speed increase, you haven't noticed any issues with undesired caching with your current configuration?
I just did some research and the regular ssl certificat will cost me 50$ whereas a wildcard SSL to support subdomains will cost me $150 so I'm still hoping to run it under /forum to avoid the extra costs.
I finally solved this albiet quite hacky, the mybb location is in /var/www/htpcguides.com/forum and now this config works while leaving Wordpress alone
#This configuration has the following structure
#Wordpress is in the /var/www/htpcguides.com folder
#The myBB forum is in /var/www/htpcguides.com/forum
server {
server_name 192.168.174.139 default_server;
listen 80;
access_log /var/log/nginx/htpcguides.com.access.log;
error_log /var/log/nginx/htpcguides.com.error.log;
root /var/www/htpcguides.com/;
index index.php index.htm index.html;
location / {
try_files $uri $uri/ /index.php?$args;
port_in_redirect off;
}
location /forum {
server_tokens off;
index index.html index.htm index.php;
rewrite ^/forum-([0-9]+)\.html$ /forumdisplay.php?fid=$1;
rewrite ^/forum-([0-9]+)-page-([0-9]+)\.html$ /forumdisplay.php?fid=$1&page=$2;
rewrite ^/thread-([0-9]+)\.html$ /showthread.php?tid=$1;
rewrite ^/thread-([0-9]+)-page-([0-9]+)\.html$ /showthread.php?tid=$1&page=$2;
rewrite ^/thread-([0-9]+)-lastpost\.html$ /showthread.php?tid=$1&action=lastpost;
rewrite ^/thread-([0-9]+)-nextnewest\.html$ /showthread.php?tid=$1&action=nextnewest;
rewrite ^/thread-([0-9]+)-nextoldest\.html$ /showthread.php?tid=$1&action=nextoldest;
rewrite ^/thread-([0-9]+)-newpost\.html$ /showthread.php?tid=$1&action=newpost;
rewrite ^/thread-([0-9]+)-post-([0-9]+)\.html$ /showthread.php?tid=$1&pid=$2;
rewrite ^/post-([0-9]+)\.html$ /showthread.php?pid=$1;
rewrite ^/announcement-([0-9]+)\.html$ /announcements.php?aid=$1;
rewrite ^/user-([0-9]+)\.html$ /member.php?action=profile&uid=$1;
rewrite ^/calendar-([0-9]+)\.html$ /calendar.php?calendar=$1;
rewrite ^/calendar-([0-9]+)-year-([0-9]+)\.html$ /calendar.php?action=yearview&calendar=$1&year=$2;
rewrite ^/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)\.html$ /calendar.php?calendar=$1&year=$2&month=$3;
rewrite ^/calendar-([0-9]+)-year-([0-9]+)-month-([0-9]+)-day-([0-9]+)\.html$ /calendar.php?action=dayview&calendar=$1&year=$2&month=$3&day=$4;
rewrite ^/calendar-([0-9]+)-week-(n?[0-9]+)\.html$ /calendar.php?action=weekview&calendar=$1&week=$2;
rewrite ^/event-([0-9]+)\.html$ /calendar.php?action=event&eid=$1;
rewrite ^/archive/index.php/forum-([0-9]+)\.html$ /forum/archive/index.php?forum-$1.html;
rewrite ^/archive/index.php/thread-([0-9]+)\.html$ /forum/archive/index.php?thread-$1.html;
location ~ /forum/(inc|uploads/avatars) {
deny all;
}
location ~ /forum/\.ht {
deny all;
}
}
location ~* \.(jpg|jpeg|gif|png|css|ico|xml)$ {
access_log off;
log_not_found off;
expires 360d;
}
location ~ ^/(bin|SQL)/ {
deny all;
}
##This passes the php to the socket for processing for both Wordpress and myBB thanks to the bottom line
location ~ \.php$ {
try_files $uri =404;
include fastcgi_params;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
##Block access to ht access
location ~ /\.ht {
deny all;
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyadmin {
rewrite ^/* /phpmyadmin last;
}
}
Looks good to me, though you have the htaccess block in twice
(2015-05-22, 06:36 AM)Euan T Wrote: [ -> ]Looks good to me, though you have the htaccess block in twice
In my tests I needed one .ht block for wordpress and another for forum (forum here uses nested locations). I'm sure there's a regex that will mean it applies to all locations. Right now I'm too scared to break it
Haha, fair enough
I tend to put all those kind of restrictions into a single file, at /etc/nginx/conf.d/restictions.conf:
# Prevent clients from accessing hidden files (starting with a dot)
# This is particularly important if you store .htpasswd files in the site hierarchy
location ~* (?:^|/)\. {
deny all;
}
# Prevent clients from accessing to backup/config/source files
location ~* (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
deny all;
}
I have a few other files like these too which I simply include:
upstream go-api {
server 127.0.0.1:9003;
}
server {
listen 80;
server_name site.com;
root /srv/www/site.com/public_html;
error_log /srv/www/site.com/logs/error.log;
access_log /srv/www/site.com/logs/access.log main;
include /etc/nginx/default.d/*.conf;
location /api/v1/ {
rewrite /api/v1/(.*) /$1 break;
proxy_pass http://go-api;
proxy_redirect default;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /404.html;
}