0

Base on that architecture:

├── application
├── assets
├── bloxby_enterprise_1_4_0.zip
├── build
├── ci_3.1.9
├── config.ini
├── elements
├── _htaccess
├── images
├── img
├── index.php
├── install
├── license.txt
├── Makefile
├── node_modules
├── package.ini
├── package.json
├── package-lock.json
├── README-.md
├── README.md
├── tmp
├── vendor
└── webpack.config.js

I am trying to expose my webiste using nginx. My index.php redirect to /install where is located another index.php that is suppose to launch my installation.

I succeed to expose my webiste and hit the first index.php. The redirection is made but I am stuck in an infinite loop. Any clue ? Here my nginx conf.

server {
    index index.php;
    listen             80;
    server_name XXX;
    return       301 https://XXX$request_uri;
}


server {
    listen       443;
    ssl on;
    server_name XXX;
    root /opt/participate;
    index index.php /install/.index.php

    error_log /var/log/nginx/XXX.log;
    access_log /var/log/nginx/XXX.log;

    ssl_certificate /etc/letsencrypt/live/XXX/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/XXX/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


location / {
        try_files $uri  /index.php$is_args$args;
   } 


location ~ ^/index\.php(/|$) {
        fastcgi_pass localhost:9000;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        internal;
    }

    # return 404 for all other php files not matching the front controller
    # this prevents access to other php files you don't want to be accessible.
    #location ~ \.php$ {
    #    return 404;
    #}




}
Boat
  • 509
  • 3
  • 8
  • 21
  • You should consider move your public files in an dedicated folder. "public" is often used. And let the webserver use this folder as document root. Because with your setup every file is exposed. In particular the config.ini may be a security issue. – Bernhard May 18 '20 at 19:46
  • Please post the part of your main index.php where you redirect to the install index.php – Bernhard May 18 '20 at 19:49
  • Your configuration only executes one PHP file, and that is `/index.php`. Any other URI ending with `.php` (e.g. `/install/index.php`) will not match the regular expression you are using in the `location` statement. So if `index.php` attempts to redirect to another `.php` file, it will be redirected back to itself by the `try_files` statement. – Richard Smith May 19 '20 at 08:51

1 Answers1

0
location / {
        try_files $uri  /install/index.php$is_args$args;
   } 


location ~ ^/index\.php(/|$) {
        fastcgi_pass localhost:9000;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        internal;
    }
    # return 404 for all other php files not matching the front controller
    # this prevents access to other php files you don't want to be accessible.
    #location ~ \.php$ {
    #    return 404;
    #}

Just for the time of the installation.

Boat
  • 509
  • 3
  • 8
  • 21