magenx / magento-nginx-config Goto Github PK
View Code? Open in Web Editor NEWDefault Nginx config for Magento 2
Home Page: https://www.magenx.com
License: GNU General Public License v3.0
magento-nginx-config's People
Contributors
Stargazers
Watchers
Forkers
rpontes xxorax dahmaniadame andrewturner isaaclopes deivisonarthur leobarcellos pedro-garcia-interactiv4 williangringo tomtone olragon ninetian eyes2design ottonet clifox eignatov oreales bratucornel enricodeleo jonatanaxe tpymah mustafa07 mindis hafeez3000 djgoulaer hacklabmx xiaoguizhidao rcranganu elektro-plus itwars aportnov77 mattwoolnough raybog armandoleite tboulogne destinationend vangol ma2n dng-dev korbax dwdonline mwin007 kevin25 brentwpeterson baisoo arsenalwebdesign mohala562 racerveira justinelst tripuls-heuser shootgsm congdonglinux tkn98 seanmcy cyberomin partikelir naveedkumbhar chavao fitbodylife peak-dev ggeorggg molandtoxx dhirajforyou longnz devellop tech9ur djeraseit unimaster adrianoaguiar hmphu jackkam85 pddigital manojo123 pierredewit vafaronaghi nubors henrik115 guoyu07 mdaskin gunjan1111 kietluu lentiummmx ktosiu vicdoz bobwol deveshucer bluecomtutran adjogic viveklucky249-magento2-stuff viveklucky249 grzegorz77 getpagespeed rennefeld gsdsd isols blump kasaev lapustem pedrotiagosimao jaakkolanteromagento-nginx-config's Issues
It seems there is no configuration for "Rest Api"
- There is no "Rest Api" configuration for magento.
404 will be returned, if "http://magento.dev/api/rest/products" - "SOAP/XML-RPC" is Ok, "http://magento.dev/api/v2_soap/?wsdl=1"
Varnish Configuration is not there
I was checking your configuration and it looks good to me but i can not see the varnish configuration as well as how you are using SSL there.
SSL update
Hi,
You have written really great piece of code...thank you... i learn.... quite much ... but this Issue is to complex for me...still beyond my skills..
Could you pls update the part of manual? (magento2.1.5)
"for ssl configuration in nginx.conf you must:"?
I've done what you recommended but no success..
I can't bring nginx to SSL
I have tried many tricks ... Spent over 2 days about ::)
Could you help ?
edit: I can sent you access data to my test machine. Fresh dyployed.
Can't install config
after setting up the config, i can't start nginx:
root@*** /etc/nginx/Magento-nginx-config # ./m1_config_install.sh
---> CREATING NGINX CONFIGURATION FILES NOW
---> Enter your domain name (without www.): ***
---> Enter your web root path: /var/www/vhosts/***/production/www/
root@*** /etc/nginx/Magento-nginx-config # service nginx configtest
nginx: [emerg] open() "/etc/nginx/conf_m1/spider.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/magento.conf:33
nginx: configuration file /etc/nginx/nginx.conf test failed
seems like the script is failing to move some files:
Unknown Variable
I have this coming up when using the headers.conf
nginx: [emerg] unknown "hsts_header" variable
Testing on the Magento nginx configurations
Hi,
I was wondering if you have done extensive testing with the magento nginx configuration in the way of optimization and best practices?
Thanks
Unknown request_id variable
This is what I get trying to start nginx
unknown "request_id" variable
Multi-Store Sitemaps not supported!
With the current configuration the sitemaps_$STORECODE.xml redirecting to 404 which is a bit problematic, I have sent a pull request with a possible solution by putting the sitemaps in sitemaps directory.
unknown log format "main"
nginx: [emerg] unknown log format "main" in /etc/nginx/sites-enabled/magento2.conf:56
Using the latest stable version 1.14.0 on Ubuntu 18.04.1 LTS
HTTP upload error
In case you encounter an "HTTP upload error" when uploading a product picture, try adding this to your http block in your nginx config:
client_body_in_file_only clean;
client_body_buffer_size 32K;
client_max_body_size 30M;
Media directive problem
Hi,
seems that Magento don't rewrite and resize images both in admin area then frontend. After many searches it can be an nginx issue. Nginx configuration seems to be ok.
I have enabled nginx debug, passed all varnish requests and disabled opcache and i have this result:
`
% curl -Ivl "https://www.mydomain.com/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image"
- Trying xxx.xxx.xxx.xxx...
- TCP_NODELAY set
- Connected to www.mydomain.com (xxx.xxx.xxx.xxx) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: /etc/ssl/cert.pem
CApath: none - TLSv1.2 (OUT), TLS handshake, Client hello (1):
- TLSv1.2 (IN), TLS handshake, Server hello (2):
- TLSv1.2 (IN), TLS handshake, Certificate (11):
- TLSv1.2 (IN), TLS handshake, Server key exchange (12):
- TLSv1.2 (IN), TLS handshake, Server finished (14):
- TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
- TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
- TLSv1.2 (OUT), TLS handshake, Finished (20):
- TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
- TLSv1.2 (IN), TLS handshake, Finished (20):
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN, server accepted to use h2
- Server certificate:
- subject: CN=mydomain.com
- start date: Mar 15 09:21:16 2021 GMT
- expire date: Jun 13 09:21:16 2021 GMT
- subjectAltName: host "www.mydomain.com" matched cert's "www.mydomain.com"
- issuer: C=US; O=Let's Encrypt; CN=R3
- SSL certificate verify ok.
- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
- Using Stream ID: 1 (easy handle 0x7fe85d00d600)
HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/2
Host: www.mydomain.com
User-Agent: curl/7.64.1
Accept: /
- Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
< HTTP/2 200
HTTP/2 200
< server: nginx
server: nginx
< date: Thu, 01 Apr 2021 07:39:54 GMT
date: Thu, 01 Apr 2021 07:39:54 GMT
< content-type: image/jpeg
content-type: image/jpeg
< content-length: 25929
content-length: 25929
< last-modified: Wed, 17 Mar 2021 16:07:28 GMT
last-modified: Wed, 17 Mar 2021 16:07:28 GMT
< etag: "60522940-6549"
etag: "60522940-6549"
< expires: Thu, 31 Dec 2037 23:55:55 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
< cache-control: max-age=315360000, public
cache-control: max-age=315360000, public
< accept-ranges: bytes
accept-ranges: bytes
<
- Connection #0 to host www.mydomain.com left intact
- Closing connection 0
`
In nginx logs I have:
`
2021/04/01 09:39:54 [notice] 1273459#1273459: 7 "^/static/(version\d/)?(.*)$" does not match "/media/catalog/product/0/1/018084910993.jpg", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: *7 "/(admin_6g9joz|PMA_PLACEHOLDER)/" does not match "/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: 7 "^(./)index.php(/?)(.*)" does not match "/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: *7 "^(brand|cat|color|dir|from|limit|price|type|mode|size|manufacturer|product_list_mode|product_list_order|product_list_dir)=.+" does not match "width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [warn] 1273459#1273459: *7 using uninitialized "filters" variable, client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
`
and all images url generate full image with parameters
nginx: [emerg] zero size shared memory zone "zone1"
nginx: [emerg] zero size shared memory zone "zone1"
Using the latest stable nginx version 1.14.0 on Ubuntu 18.04.1 LTS
It works if I just cut the inclusion of the extra_protect.conf
zone2 and 3 are probably failing too.
nginx: [emerg] duplicate listen options for 0.0.0.0:80 in /etc/nginx/port.conf:1
Hello,
I get the following error while trying to start nginx after using the m1_config_install.sh:
nginx: [emerg] duplicate listen options for 0.0.0.0:80 in /etc/nginx/port.conf:1
- Ubuntu 16.04 xenial
- nginx/1.11.2
I assume that it has something to do with the "reuseport" option, but I don't know how to resolve it other than removing it.
Block Estimated Shipping Methods
Good afternoon,
I do not know why this URL is blocked :
However this URL is used in checkout page cart to estimate shipping rates ?
Thank you,
Ilan
Limit requests in extra_protect.conf are stopping Magento's AJAX search functionality
The zones setup in extra_protect.conf prevent Magento's ajax function from doing searches on the fly. Nginx's error log is full of these errors:
limiting requests, excess: 0.288 by zone "zone3", client: 127.0.0.1, server: mystore.com, request: "GET /search/ajax/suggest/?q=test
I'm not a nginx pro, but is there a way to modify the .conf files to create a whitelist or exception for the localhost 127.0.0.1 so it doesn't get denied by the limit requests in extra_protect.conf?
Tweak fastcgi buffers, just in case.
fastcgi_max_temp_file_size 0;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 4k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
Requests blocked from LinkedIn app on iOS
The regex for bad user agents includes this line:
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
However, this also matches the user agent sent by requests from within the iOS LinkedIn app. For example:
Mozilla/5.0 (iPad; CPU OS 12_4_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [LinkedInApp]
The simple solution is to remove |Link, though I'm not sure if there's a better solution, as I don't know what agent that was intended to match in the first place.
What happened to magenx.sh?
is it deprecated or private now or what? It was quite useful.
setrlimit
get the following error in nginx error.log running SELinux enforcing
setrlimit(RLIMIT_NOFILE, 100000) failed (1: Operation not permitted)
Protection against brute force attacks
Your extra_protect.conf does not catch the latest brute force attack location:
/index.phprss/catalog/notifystock/
You should change that line to something like:
location ~ rss/catalog/(review|notifystock) { deny all; }
Source 1: https://magento.com/security/best-practices/protect-your-magento-installation-password-guessing-new-update
Source 2: https://support.hypernode.com/knowledgebase/how-to-protect-your-magento-store-against-brute-force/
limit_req_zone errors
Since the new NGINX config, zones are set with limit_req_zone settings, but this seems to give errors in the NGINX error.log:
[error] 1021727#1021727: *548591 limiting requests, excess: 4.061 by zone "customer", client: 127.0.0.1, server: 159.XX.XXX.72, request: "GET /customer/section/load/?sections=mst-gtm-addtocart&force_new_section_timestamp=false&_=1676993964847 HTTP/1.1"
It seems to be all normal requests. Should I higher the limits?
www user history is truncated at ssh login
www user history is truncated at ssh login
before I thought it was still there from previous setting
is there a setting to "keep" the historty from previous sessions also in new session? Or is this new centos8?
example:
when login with user
and execute history
then there is no history
Forbidden admin url include DEV
If
location ~ /(app|var|downloader|includes|pkginfo|dev|errors/local.xml)/ {
deny all;
}
this link not open (forbidden):
index.php/zxcvb/system_config/edit/section/dev/
Nginx Load balancer
Do you have instructions how scale php backend for 2 or more servers.
invalid parameter "if=$writelog"
While using default nginx install on Ubuntu 14.04 I'm running into the following error:
invalid parameter "if=$writelog" in /etc/nginx/sites-enabled/magento.conf:13
I assume that the map module is installed, because if you rely on this post http://askubuntu.com/a/556382 it should be included in the standard http modules.
Any clue?
'location' incompatibilities...
The two directives in magento.conf:
line 78: location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
and
line 95: location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
are incompatible for 'x.js' with line 78 being evaluated and not 95.
A temporary fix is to remove 'js' from line 78. This will resolve a 404 for javascript used on the admin 'forgot password' screen. This will of course have the effect of removing far future expires for all javascript files.
I will update if I find other affected files elsewhere in Magento.
Question: 502 Bad Gateway
Recently, I configured my installation to omit /index.php/ in urls. Everything seems to be working fine, expect for the url patterns mapped to HHVM and PHP-FPM ports in maps.conf. Accessing one of these routes returns a 502 Bade Gateway error. When I remove these rules everything works like it's supposed to do.
What could be the reason I get this error? Are these responses cached?
Magento 2 webp
Hi
Im trying to serve webp images if they exist on /media/ folder.
My current assets.conf looks like this. I can't figure out why get.php won't be called if jpg/png picture on cache does not exist. If there is no product image on cache i get 404 to image that this does not exist, i think its because get.php does not create that.
location /media/ {
####webp####
location ~* ^(/media/.+)\.(png|jpe?g)$ {
set $base $1;
set $webp_uri $base$webp_suffix;
set $webp_old_uri $base.$2$webp_suffix;
set $root "/vaw/www/htdocs/pub";
root $root;
expires max;
add_header Cache-Control "public";
add_header Vary Accept;
if ( !-f $root$webp_uri ) {
add_header X_WebP_SP_Miss $root$webp_uri;
}
try_files $webp_uri $webp_old_uri $uri $uri/ /get.php$is_args$args =404;
}
########
## images css js
location ~* \.(jpg|jpeg|png|webp|gif|svg|js|css|ico|txt)$ {
expires max;
add_header Cache-Control "public";
try_files $uri $uri/ @media;
}
## fonts
location ~* \.(swf|eot|ttf|otf|woff|woff2)$ {
expires max;
add_header Cache-Control "public";
try_files $uri $uri/ @media;
}
try_files $uri $uri/ @media;
}
location @static { rewrite /static/(version\d*/)?(.*)$ /static.php?resource=$2 last; }
location @media { try_files $uri $uri/ /get.php$is_args$args; }
Multiple domains and multiple php-fpm pools conflicting!
For some reason when running multiple domains/vhosts it is conflicting and it does not pass the relevant PHP pool?
Now I have created two maps.conf as each domain will have multiple domains/stores.
Now the issue is domain1 using xxxxx pool and when I var_dump
$params = $_SERVER;
var_dump($_SERVER);
exit;
For domain1 it returns the following:
array(
39) {
[
"USER"
] => string(9) "xxxxxx"[
"HOME"
] => string(15) "/home/xxxxxx"[
"HTTP_COOKIE"
] => string(340) "_ga=GA1.3.2089969139.1586092654; _gid=GA1.3.1706564775.1586092654; _fbp=fb.2.1586092653868.278218693; _hjid=e84418d7-c956-41fc-9e4e-d5c6022e4160; mage-cache-storage=%7B%7D; mage-cache-storage-section-invalidation=%7B%7D; _hjIncludedInSample=1; X-Magento-Vary=e3cb9ab3566a693edff3edf82caa39b1ed79e8ba; section_data_ids=%7B%22gtm%22%3A7000%7D"[
"HTTP_ACCEPT_LANGUAGE"
] => string(23) "en-GB,en;q=0.9,ar;q=0.8"[
"HTTP_ACCEPT_ENCODING"
] => string(17) "gzip, deflate, br"[
"HTTP_SEC_FETCH_USER"
] => string(2) "?1"[
"HTTP_SEC_FETCH_MODE"
] => string(8) "navigate"[
"HTTP_SEC_FETCH_SITE"
] => string(4) "none"[
"HTTP_ACCEPT"
] => string(124) "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"[
"HTTP_SEC_FETCH_DEST"
] => string(8) "document"[
"HTTP_USER_AGENT"
] => string(115) "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"[
"HTTP_UPGRADE_INSECURE_REQUESTS"
] => string(1) "1"[
"HTTP_DNT"
] => string(1) "1"[
"HTTP_CACHE_CONTROL"
] => string(9) "max-age=0"[
"HTTP_HOST"
] => string(20) "www.xxxxxx.co.uk"[
"MAGE_RUN_TYPE"
] => string(0) ""[
"MAGE_RUN_CODE"
] => string(0) ""[
"REDIRECT_STATUS"
] => string(3) "200"[
"SERVER_NAME"
] => string(15) "www.xxxxxx.com"[
"SERVER_ADDR"
] => string(15) "000.000.000.000"[
"REMOTE_PORT"
] => string(5) "41721"[
"REMOTE_ADDR"
] => string(13) "000.000.000.000"[
"SERVER_SOFTWARE"
] => string(12) "nginx/1.16.1"[
"GATEWAY_INTERFACE"
] => string(7) "CGI/1.1"[
"HTTPS"
] => string(2) "on"[
"SERVER_PROTOCOL"
] => string(8) "HTTP/2.0"[
"DOCUMENT_ROOT"
] => string(24) "/home/xxxxxx/public/pub"[
"DOCUMENT_URI"
] => string(10) "/index.php"[
"REQUEST_URI"
] => string(1) "/"[
"SCRIPT_NAME"
] => string(10) "/index.php"[
"SCRIPT_FILENAME"
] => string(34) "/home/xxxxx/public/pub/index.php"[
"CONTENT_LENGTH"
] => string(0) ""[
"CONTENT_TYPE"
] => string(0) ""[
"REQUEST_METHOD"
] => string(3) "GET"[
"QUERY_STRING"
] => string(0) ""[
"FCGI_ROLE"
] => string(9) "RESPONDER"[
"PHP_SELF"
] => string(10) "/index.php"[
"REQUEST_TIME_FLOAT"
] => float(1586095624.6495)[
"REQUEST_TIME"
] => int(1586095624)
}
How come Domain1 returning domain2 details? including the ownership etc...
domain-maps.conf
## Map php-fpm pass route
map $http_host$request_uri $MAGE_PHP_ROUTE {
default unix:/var/run/php7.2-fpm-domain1.sock; # default php-fpm
}
## Map files to exclude from access log
# map $request $writelog {
# default 1;
# ~*\.woff2 0;
# ~*\.jpg 0;
# ~*\.png 0;
# ~*\.gif 0;
# ~*\.css 0;
# ~*\.webp 0;
# ~*\.js 0;
# }
## map query parameter to magento profiler parameter
map $query_string $MAGE_PROFILER {
~DEVELOPMENT=Q9ARzXbrwI html;
}
## Filter API access
map $request_uri $api_access {
default 0;
~/(.*)/V1/customers(?!/me) 1;
~/(.*)/V1/customers/password 1;
~/(.*)/V1/customers/resetPassword 1;
~/(.*)/V1/customers/isEmailAvailable 1;
~/(.*)/V1/guest-carts/ 1;
~/(.*)/V1/integration/ 1;
~/(.*)/V1/search 1;
}
## CORS headers
map $http_origin $cors_origin {
default "";
~*.example.com$ "$http_origin";
}
## Admin location http auth
geo $authentication {
default "Authentication required";
127.0.0.1 "off";
1.2.3.4 "off";
}
## GEOIP routing
#map $geoip_country_code $geospatial {
# default example.com;
# RU example.com/shipping.html;
# US us.example.com;
# AS as.example.com;
#}
# microcache
map $request_uri $no_cache {
default 1;
~/searchautocomplete/ajax/get/ 0;
~/catalogsearch/ajax/suggest/ 0;
~/search/ajax/suggest/ 0;
}
## Multi shop code configuration
map $http_host $MAGE_RUN_CODE {
hostnames;
.domain1.co.uk base;
.domain2.com base_en;
}
map $http_host $MAGE_RUN_TYPE {
hostnames;
.domain1.co.uk website;
.domain2.com store;
}
## Map HSTS header
map $scheme $hsts_header { https "max-age=31556926; includeSubDomains; preload"; }
## Map bad user agents
map $http_user_agent $bad_client {
default 0;
~*(360Spider) 1;
~*(Aboundex|aiHitBot|AhrefsBot|AspiegelBot) 1;
~*(betaBot|BigBozz|BlackWidow|Bolt|BLEXBot|BUbiNG) 1;
~*(CazoodleBot|cispa|CPython|CCBot|ChinaClaw|Cliqzbot|coccocbot|Curious|CRAZYWEBCRAWLER|Custo) 1;
~*(Daumoa|Default|DeuSu|DIIbot|DISCo|discobot|DoCoMo|DuckDuckGo) 1;
~*(EasouSpider|eCatch|ecxi|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|ExtractorPro|Exabot|Exploratodo|EyeNetIE) 1;
~*(FatBot|FlashGet|Findxbot) 1;
~*(GetRight|GetWeb!|GigablastOpenSource|Gigabot|gimme60bot|Go!Zilla|Go-Ahead-Got-It|Go.*package.*|GrabNet|Grafula|GT::WWW|GuzzleHttp) 1;
~*(heritrix|HaosouSpider|HMView|HTTP::Lite|HTTrack) 1;
~*(ia_archiver|IDBot|id-search|id-search.org|InterGET|InternetSeer.com|IRLbot) 1;
~*(JetCar) 1;
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
~*(Maxthon$|Mail.RU_Bot|meanpathbot|MegaIndex.ru|MFC_Tear_Sample|microsoft.url|Microsoft-IIS|Microsoft.*Office|Mozilla.*Indy|Mozilla.*NEWT|MJ12bot|MSFrontPage) 1;
~*(Navroad|NearSite|NetAnts|NetLyzer.*FastProbe|NetSpider|NetZIP|Nutch) 1;
~*(Octopus) 1;
~*(PageGrabber|panscient.com|pavuk|PECL::HTTP|PeoplePal|pcBrowser|Pi-Monster|PHPCrawl|PleaseCrawl|psbot|prijsbest) 1;
~*(Qwantify) 1;
~*(RealDownload|ReGet|RedesScrapy|Rippers|RocketCrawler) 1;
~*(SBIder|Scrapy|ScreenerBot|SEOprofiler|Screaming.*Spider|SeaMonkey|SeznamBot|SemrushBot|sitecheck.internetseer.com|SiteSnagger) 1;
~*(SmartDownload|Snoopy|SputnikBot|Steeler|SuperBot|SuperHTTP|Surfbot|sqlmap) 1;
~*(tAkeOut|Teleport|Toata|TwengaBot|Typhoeus) 1;
~*(URI::Fetch|User-Agent|UserAgent) 1;
~*(voltron|Vagabondo|VoidEYE|Visbot) 1;
~*(webalta|WebAuto|[Ww]eb[Bb]andit|WebCollage|WebCopier|WebFetch|WebLeacher|WebReaper|WebSauger|WebStripper|WebWhacker|WhatsApp) 1;
~*(WebZIP|Widow|Wotbox|WWW-Mechanize|WWWOFFLE) 1;
~*(XoviBot) 1;
~*(zermelo|Zeus|Zeus.*Webster|zgrab|ZyBorg) 1;
}
domain2-maps.conf
## Map php-fpm pass route
map $http_host$request_uri $MAGE_PHP_ROUTE {
default unix:/var/run/php7.2-fpm-xxxxx.sock; # default php-fpm
}
## Map files to exclude from access log
# map $request $writelog {
# default 1;
# ~*\.woff2 0;
# ~*\.jpg 0;
# ~*\.png 0;
# ~*\.gif 0;
# ~*\.css 0;
# ~*\.webp 0;
# ~*\.js 0;
# }
## map query parameter to magento profiler parameter
map $query_string $MAGE_PROFILER {
~DEVELOPMENT=Q9ARzXbrwI html;
}
## Filter API access
map $request_uri $api_access {
default 0;
~/(.*)/V1/customers(?!/me) 1;
~/(.*)/V1/customers/password 1;
~/(.*)/V1/customers/resetPassword 1;
~/(.*)/V1/customers/isEmailAvailable 1;
~/(.*)/V1/guest-carts/ 1;
~/(.*)/V1/integration/ 1;
~/(.*)/V1/search 1;
}
## CORS headers
map $http_origin $cors_origin {
default "";
~*.example.com$ "$http_origin";
}
## Admin location http auth
geo $authentication {
default "Authentication required";
127.0.0.1 "off";
1.2.3.4 "off";
}
## GEOIP routing
#map $geoip_country_code $geospatial {
# default example.com;
# RU example.com/shipping.html;
# US us.example.com;
# AS as.example.com;
#}
# microcache
map $request_uri $no_cache {
default 1;
~/searchautocomplete/ajax/get/ 0;
~/catalogsearch/ajax/suggest/ 0;
~/search/ajax/suggest/ 0;
}
## Multi shop code configuration
map $http_host $MAGE_RUN_CODE {
hostnames;
.xxxxxx.co.uk base;
.xxxxxxx.com base_en;
}
map $http_host $MAGE_RUN_TYPE {
hostnames;
.xxxxxxx.co.uk website;
.xxxxxxx.com store;
}
## Map HSTS header
map $scheme $hsts_header { https "max-age=31556926; includeSubDomains; preload"; }
## Map bad user agents
map $http_user_agent $bad_client {
default 0;
~*(360Spider) 1;
~*(Aboundex|aiHitBot|AhrefsBot|AspiegelBot) 1;
~*(betaBot|BigBozz|BlackWidow|Bolt|BLEXBot|BUbiNG) 1;
~*(CazoodleBot|cispa|CPython|CCBot|ChinaClaw|Cliqzbot|coccocbot|Curious|CRAZYWEBCRAWLER|Custo) 1;
~*(Daumoa|Default|DeuSu|DIIbot|DISCo|discobot|DoCoMo|DuckDuckGo) 1;
~*(EasouSpider|eCatch|ecxi|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|ExtractorPro|Exabot|Exploratodo|EyeNetIE) 1;
~*(FatBot|FlashGet|Findxbot) 1;
~*(GetRight|GetWeb!|GigablastOpenSource|Gigabot|gimme60bot|Go!Zilla|Go-Ahead-Got-It|Go.*package.*|GrabNet|Grafula|GT::WWW|GuzzleHttp) 1;
~*(heritrix|HaosouSpider|HMView|HTTP::Lite|HTTrack) 1;
~*(ia_archiver|IDBot|id-search|id-search.org|InterGET|InternetSeer.com|IRLbot) 1;
~*(JetCar) 1;
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
~*(Maxthon$|Mail.RU_Bot|meanpathbot|MegaIndex.ru|MFC_Tear_Sample|microsoft.url|Microsoft-IIS|Microsoft.*Office|Mozilla.*Indy|Mozilla.*NEWT|MJ12bot|MSFrontPage) 1;
~*(Navroad|NearSite|NetAnts|NetLyzer.*FastProbe|NetSpider|NetZIP|Nutch) 1;
~*(Octopus) 1;
~*(PageGrabber|panscient.com|pavuk|PECL::HTTP|PeoplePal|pcBrowser|Pi-Monster|PHPCrawl|PleaseCrawl|psbot|prijsbest) 1;
~*(Qwantify) 1;
~*(RealDownload|ReGet|RedesScrapy|Rippers|RocketCrawler) 1;
~*(SBIder|Scrapy|ScreenerBot|SEOprofiler|Screaming.*Spider|SeaMonkey|SeznamBot|SemrushBot|sitecheck.internetseer.com|SiteSnagger) 1;
~*(SmartDownload|Snoopy|SputnikBot|Steeler|SuperBot|SuperHTTP|Surfbot|sqlmap) 1;
~*(tAkeOut|Teleport|Toata|TwengaBot|Typhoeus) 1;
~*(URI::Fetch|User-Agent|UserAgent) 1;
~*(voltron|Vagabondo|VoidEYE|Visbot) 1;
~*(webalta|WebAuto|[Ww]eb[Bb]andit|WebCollage|WebCopier|WebFetch|WebLeacher|WebReaper|WebSauger|WebStripper|WebWhacker|WhatsApp) 1;
~*(WebZIP|Widow|Wotbox|WWW-Mechanize|WWWOFFLE) 1;
~*(XoviBot) 1;
~*(zermelo|Zeus|Zeus.*Webster|zgrab|ZyBorg) 1;
}
Multistore. There is no option to place an order to a guest.
If the second store has the code /ua, then in the console of the browser when trying to create an order for a guest appears error 404
https://domain.com/ua/rest/ua/V1/guest-carts/evByOi1KLV5USJr2iUO5F5fcnxI4aNHO/payment-information?_=4654654654656 - error 404
Unable to access *opcache_gui.php in magento2 setup
Unable to access "Opcache interface http://www.${MAGE_DOMAIN}/${OPCACHE_FILE}_opcache_gui.php" in magento2 setup.
possible fix, file: magento2/sites-available/magento2.conf
, line:81
change: location ~ (index|get|static|report|404|503).php$ {
to location ~ (index|get|static|report|opcache_gui|404|503).php$ {
or we can modify it to allow white listed IPs only
410 Gone on catalog search page
Hi!
If there are Cyrillic characters in the search request, the server returns response status 410.
When you search for "Кран" - 410 Gone
1**.***.***.**1 - - [13/Jun/2023:13:02:48 +0300] "GET http://domain.com/catalogsearch/result/?q=%D0%BA%D1%80%D0%B0%D0%BD HTTP/1.1" 410 456 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.001 - "6cabd635dbe67c5f2eea81c1116e8828"
127.0.0.1 - - [13/Jun/2023:13:02:48 +0300] "GET http://domain.com/catalogsearch/result/?q=%D0%BA%D1%80%D0%B0%D0%BD HTTP/1.1" 410 279 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.000 - "1a23d4e96f623d71b73b4cfd48efc485"
When you search for "Qtap" - all OK
127.0.0.1 - - [13/Jun/2023:13:01:40 +0300] "GET http://domain.com/catalogsearch/result/?q=qtap HTTP/1.1" 200 404415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.044 - "efbc798ec36a0274241e34e68aab9ff5"
1**.***.***.**1 - - [13/Jun/2023:13:01:40 +0300] "GET http://domain.com/catalogsearch/result/?q=qtap HTTP/1.1" 200 46590 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.056 - "1ffa658eb52d2fbf6bda68b54d8f9cf3"
Perhaps the problem is here:
Info for reference
nginx template created by openmage community member. maybe it helps
https://github.com/OpenMage/magento-lts/pull/1209/files#diff-9e3923f9fdb3de5d1849d1eca7869eb6R10
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.