aboutsummaryrefslogtreecommitdiffstats
path: root/phpBB/docs/nginx.sample.conf
blob: c5a9472a1c49727c4115f36ea3f54c4518197e9c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# Sample nginx configuration file for phpBB.
# Global settings have been removed, copy them
# from your system's nginx.conf.
# Tested with nginx 0.8.35.

# If you want to use the X-Accel-Redirect feature,
# add the following to your config.php.
#
#  define('PHPBB_ENABLE_X_ACCEL_REDIRECT', true);
#
# See http://wiki.nginx.org/XSendfile for the details
# on X-Accel-Redirect.

http {
    # Compression - requires gzip and gzip static modules.
    gzip on;
    gzip_static on;
    gzip_vary on;
    gzip_http_version 1.1;
    gzip_min_length 700;

    # Compression levels over 6 do not give an appreciable improvement
    # in compression ratio, but take more resources.
    gzip_comp_level 6;

    # IE 6 and lower do not support gzip with Vary correctly.
    gzip_disable "msie6";
    # Before nginx 0.7.63:
    #gzip_disable "MSIE [1-6]\.";

    # Catch-all server for requests to invalid hosts.
    # Also catches vulnerability scanners probing IP addresses.
    server {
        # default specifies that this block is to be used when
        # no other block matches.
        listen 80 default;

        server_name bogus;
        return 444;
        root /var/empty;
    }

    # If you have domains with and without www prefix,
    # redirect one to the other.
    server {
        # Default port is 80.
        #listen 80;

        server_name myforums.com;

        # A trick from http://wiki.nginx.org/Pitfalls#Taxing_Rewrites:
        return 301 http://www.myforums.com$request_uri;
    }

    # The actual board domain.
    server {
        #listen 80;
        server_name www.myforums.com;

        root /path/to/phpbb;

        location / {
            # phpBB uses index.htm
            index index.php index.html index.htm;
            try_files $uri $uri/ @rewriteapp;
        }

        location @rewriteapp {
            rewrite ^(.*)$ /app.php/$1 last;
        }

        # Deny access to internal phpbb files.
        location ~ /(config\.php|common\.php|cache|files|images/avatars/upload|includes|(?<!ext/)phpbb(?!\w+)|store|vendor) {
            deny all;
            # deny was ignored before 0.8.40 for connections over IPv6.
            # Use internal directive to prohibit access on older versions.
            internal;
        }

        # Pass the php scripts to fastcgi server specified in upstream declaration.
        location ~ \.php(/|$) {
            # Unmodified fastcgi_params from nginx distribution.
            include fastcgi_params;
            # Necessary for php.
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
            fastcgi_param DOCUMENT_ROOT $realpath_root;
            try_files $uri $uri/ /app.php$is_args$args;
            fastcgi_pass php;
        }

        # Correctly pass scripts for installer
        location /install/ {
            # phpBB uses index.htm
            try_files $uri $uri/ @rewrite_installapp =404;

            # Pass the php scripts to fastcgi server specified in upstream declaration.
            location ~ \.php(/|$) {
                # Unmodified fastcgi_params from nginx distribution.
                include fastcgi_params;
                # Necessary for php.
                fastcgi_split_path_info ^(.+\.php)(/.*)$;
                fastcgi_param PATH_INFO $fastcgi_path_info;
                fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
                fastcgi_param DOCUMENT_ROOT $realpath_root;
                try_files $uri $uri/ /install/app.php$is_args$args =404;
                fastcgi_pass php;
            }
        }

        location @rewrite_installapp {
            rewrite ^(.*)$ /install/app.php/$1 last;
        }

        # Deny access to version control system directories.
        location ~ /\.svn|/\.git {
            deny all;
            internal;
        }
    }

    # If running php as fastcgi, specify php upstream.
    upstream php {
        server unix:/tmp/php.sock;
    }
}