Category: NGINX
Nginx always overwrites the Server-Header
When I was configuring the nodejs server behind nginx, I experienced the issue that nginx always overwrote the Server header response.
This is a bit annoying, since I want to know what version of spludo runs on my site.
The solution is not to set
since that would only disable the version number.
The solution is:
HTTPS + NGINX with self signed SSL certificate
If you want to use https with nginx on your dedicated server, you have the option to buy a certificate. The other way, even though less secure for your clients: create a self signed certificate.
I want to show, how you can create a self signed certificate and how to use it with nginx on an ubuntu linux.
Open a root shell and head to the nginx configuration folder.
2
# cd /etc/nginx
Generate the self signed certificate and answer the questions.
Now make the files only visible to the owner (root).
Add the ssl section as new site:
with this code:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
listen 443;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
server_name ssl.example.org;
location / {
root /var/www/ssl.example.org;
index index.php;
}
# ... and so on
}
Reboot nginx:
Head to your site: https://ssl.example.org. You'll recieve a message in your favorite browser saying that the certificate is insecure, because the author signed it on his own. You have to make an exception.
This does not look very professional. So you should use this procedure only for projects, where you can live with this 'error message'.
Configure an Agavi Site with NGINX (using PHP-FPM)
I was used to configure my Agavi site with Lighttpd and recently switched to Nginx. The setup for Nginx was not so common to me, so I decided to write down what I had to do to configure it properly. Here is an example for dracoblue.net. Please change the parts of the script to suit your needs (the necessary parts are highlighted with "HINT:").
First of all install php5-fpm. On ubuntu I did it this way:
Now create a new file:
And add the following:
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
listen dracoblue.net:80;
# HINT: Add the servername, so Agavi is able to see that it's dracoblue.net
# Otherwise you'll get something like "localhost" here
server_name dracoblue.net;
location / {
# HINT: The directory where index.php is
root /home/dracobluenet/tags/1.0.0/pub;
index index.php;
# HINT: All files except those in "static" should be served by index.php
location ~* ^/(favicon.ico|robots.txt|static) {
break;
}
# HINT: All files except those in "static" should be served by index.php
if ($uri !~ "^/(favicon.ico|robots.txt|static|index.php)") {
rewrite ^/([^?]*)$ /index.php?/$1 last;
}
}
location ~ \.php($|/) {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
# HINT: The directory where index.php is + $fastcgi_script_name
fastcgi_param SCRIPT_FILENAME /home/dracobluenet/tags/1.0.0/pub$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_script_name;
}
}
As you can see, for projects I usually have only a "static" folder which is not served by agavi. This keeps the amount of work low, which nginx needs to do for each request to decide whether it should be served by php or not. I also added robots.txt and favicon.ico since you usually have them in root, too.
Restart nginx.
