magenx / magento-nginx-config Goto Github PK
View Code? Open in Web Editor NEWDefault Nginx config for Magento 2
Home Page: https://www.magenx.com
License: GNU General Public License v3.0
Default Nginx config for Magento 2
Home Page: https://www.magenx.com
License: GNU General Public License v3.0
The two directives in magento.conf:
line 78: location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
and
line 95: location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
are incompatible for 'x.js' with line 78 being evaluated and not 95.
A temporary fix is to remove 'js' from line 78. This will resolve a 404 for javascript used on the admin 'forgot password' screen. This will of course have the effect of removing far future expires for all javascript files.
I will update if I find other affected files elsewhere in Magento.
With the current configuration the sitemaps_$STORECODE.xml redirecting to 404 which is a bit problematic, I have sent a pull request with a possible solution by putting the sitemaps in sitemaps directory.
Unable to access "Opcache interface http://www.${MAGE_DOMAIN}/${OPCACHE_FILE}_opcache_gui.php" in magento2 setup.
possible fix, file: magento2/sites-available/magento2.conf
, line:81
change: location ~ (index|get|static|report|404|503).php$ {
to location ~ (index|get|static|report|opcache_gui|404|503).php$ {
or we can modify it to allow white listed IPs only
Since the new NGINX config, zones are set with limit_req_zone settings, but this seems to give errors in the NGINX error.log:
[error] 1021727#1021727: *548591 limiting requests, excess: 4.061 by zone "customer", client: 127.0.0.1, server: 159.XX.XXX.72, request: "GET /customer/section/load/?sections=mst-gtm-addtocart&force_new_section_timestamp=false&_=1676993964847 HTTP/1.1"
It seems to be all normal requests. Should I higher the limits?
Hi,
You have written really great piece of code...thank you... i learn.... quite much ... but this Issue is to complex for me...still beyond my skills..
Could you pls update the part of manual? (magento2.1.5)
"for ssl configuration in nginx.conf you must:"?
I've done what you recommended but no success..
I can't bring nginx to SSL
I have tried many tricks ... Spent over 2 days about ::)
Could you help ?
edit: I can sent you access data to my test machine. Fresh dyployed.
Hello,
I get the following error while trying to start nginx after using the m1_config_install.sh:
nginx: [emerg] duplicate listen options for 0.0.0.0:80 in /etc/nginx/port.conf:1
I assume that it has something to do with the "reuseport" option, but I don't know how to resolve it other than removing it.
This is what I get trying to start nginx
unknown "request_id" variable
Good afternoon,
I do not know why this URL is blocked :
However this URL is used in checkout page cart to estimate shipping rates ?
Thank you,
Ilan
after setting up the config, i can't start nginx:
root@*** /etc/nginx/Magento-nginx-config # ./m1_config_install.sh
---> CREATING NGINX CONFIGURATION FILES NOW
---> Enter your domain name (without www.): ***
---> Enter your web root path: /var/www/vhosts/***/production/www/
root@*** /etc/nginx/Magento-nginx-config # service nginx configtest
nginx: [emerg] open() "/etc/nginx/conf_m1/spider.conf" failed (2: No such file or directory) in /etc/nginx/sites-enabled/magento.conf:33
nginx: configuration file /etc/nginx/nginx.conf test failed
nginx: [emerg] zero size shared memory zone "zone1"
Using the latest stable nginx version 1.14.0 on Ubuntu 18.04.1 LTS
It works if I just cut the inclusion of the extra_protect.conf
zone2 and 3 are probably failing too.
If
location ~ /(app|var|downloader|includes|pkginfo|dev|errors/local.xml)/ {
deny all;
}
this link not open (forbidden):
index.php/zxcvb/system_config/edit/section/dev/
Your extra_protect.conf does not catch the latest brute force attack location:
/index.phprss/catalog/notifystock/
You should change that line to something like:
location ~ rss/catalog/(review|notifystock) { deny all; }
Source 1: https://magento.com/security/best-practices/protect-your-magento-installation-password-guessing-new-update
Source 2: https://support.hypernode.com/knowledgebase/how-to-protect-your-magento-store-against-brute-force/
is it deprecated or private now or what? It was quite useful.
nginx template created by openmage community member. maybe it helps
https://github.com/OpenMage/magento-lts/pull/1209/files#diff-9e3923f9fdb3de5d1849d1eca7869eb6R10
While using default nginx install on Ubuntu 14.04 I'm running into the following error:
invalid parameter "if=$writelog" in /etc/nginx/sites-enabled/magento.conf:13
I assume that the map module is installed, because if you rely on this post http://askubuntu.com/a/556382 it should be included in the standard http modules.
Any clue?
Hi,
I was wondering if you have done extensive testing with the magento nginx configuration in the way of optimization and best practices?
Thanks
nginx: [emerg] unknown log format "main" in /etc/nginx/sites-enabled/magento2.conf:56
Using the latest stable version 1.14.0 on Ubuntu 18.04.1 LTS
The zones setup in extra_protect.conf prevent Magento's ajax function from doing searches on the fly. Nginx's error log is full of these errors:
limiting requests, excess: 0.288 by zone "zone3", client: 127.0.0.1, server: mystore.com, request: "GET /search/ajax/suggest/?q=test
I'm not a nginx pro, but is there a way to modify the .conf files to create a whitelist or exception for the localhost 127.0.0.1 so it doesn't get denied by the limit requests in extra_protect.conf?
If the second store has the code /ua, then in the console of the browser when trying to create an order for a guest appears error 404
https://domain.com/ua/rest/ua/V1/guest-carts/evByOi1KLV5USJr2iUO5F5fcnxI4aNHO/payment-information?_=4654654654656 - error 404
get the following error in nginx error.log running SELinux enforcing
setrlimit(RLIMIT_NOFILE, 100000) failed (1: Operation not permitted)
fastcgi_max_temp_file_size 0;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 4k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
I was checking your configuration and it looks good to me but i can not see the varnish configuration as well as how you are using SSL there.
Do you have instructions how scale php backend for 2 or more servers.
Hi
Im trying to serve webp images if they exist on /media/ folder.
My current assets.conf looks like this. I can't figure out why get.php won't be called if jpg/png picture on cache does not exist. If there is no product image on cache i get 404 to image that this does not exist, i think its because get.php does not create that.
location /media/ {
####webp####
location ~* ^(/media/.+)\.(png|jpe?g)$ {
set $base $1;
set $webp_uri $base$webp_suffix;
set $webp_old_uri $base.$2$webp_suffix;
set $root "/vaw/www/htdocs/pub";
root $root;
expires max;
add_header Cache-Control "public";
add_header Vary Accept;
if ( !-f $root$webp_uri ) {
add_header X_WebP_SP_Miss $root$webp_uri;
}
try_files $webp_uri $webp_old_uri $uri $uri/ /get.php$is_args$args =404;
}
########
## images css js
location ~* \.(jpg|jpeg|png|webp|gif|svg|js|css|ico|txt)$ {
expires max;
add_header Cache-Control "public";
try_files $uri $uri/ @media;
}
## fonts
location ~* \.(swf|eot|ttf|otf|woff|woff2)$ {
expires max;
add_header Cache-Control "public";
try_files $uri $uri/ @media;
}
try_files $uri $uri/ @media;
}
location @static { rewrite /static/(version\d*/)?(.*)$ /static.php?resource=$2 last; }
location @media { try_files $uri $uri/ /get.php$is_args$args; }
I have this coming up when using the headers.conf
nginx: [emerg] unknown "hsts_header" variable
In case you encounter an "HTTP upload error" when uploading a product picture, try adding this to your http block in your nginx config:
client_body_in_file_only clean;
client_body_buffer_size 32K;
client_max_body_size 30M;
www user history is truncated at ssh login
before I thought it was still there from previous setting
is there a setting to "keep" the historty from previous sessions also in new session? Or is this new centos8?
example:
when login with user
and execute history
then there is no history
Recently, I configured my installation to omit /index.php/ in urls. Everything seems to be working fine, expect for the url patterns mapped to HHVM and PHP-FPM ports in maps.conf
. Accessing one of these routes returns a 502 Bade Gateway error. When I remove these rules everything works like it's supposed to do.
What could be the reason I get this error? Are these responses cached?
For some reason when running multiple domains/vhosts it is conflicting and it does not pass the relevant PHP pool?
Now I have created two maps.conf as each domain will have multiple domains/stores.
Now the issue is domain1 using xxxxx pool and when I var_dump
$params = $_SERVER;
var_dump($_SERVER);
exit;
For domain1 it returns the following:
array(
39) {
[
"USER"
] => string(9) "xxxxxx"[
"HOME"
] => string(15) "/home/xxxxxx"[
"HTTP_COOKIE"
] => string(340) "_ga=GA1.3.2089969139.1586092654; _gid=GA1.3.1706564775.1586092654; _fbp=fb.2.1586092653868.278218693; _hjid=e84418d7-c956-41fc-9e4e-d5c6022e4160; mage-cache-storage=%7B%7D; mage-cache-storage-section-invalidation=%7B%7D; _hjIncludedInSample=1; X-Magento-Vary=e3cb9ab3566a693edff3edf82caa39b1ed79e8ba; section_data_ids=%7B%22gtm%22%3A7000%7D"[
"HTTP_ACCEPT_LANGUAGE"
] => string(23) "en-GB,en;q=0.9,ar;q=0.8"[
"HTTP_ACCEPT_ENCODING"
] => string(17) "gzip, deflate, br"[
"HTTP_SEC_FETCH_USER"
] => string(2) "?1"[
"HTTP_SEC_FETCH_MODE"
] => string(8) "navigate"[
"HTTP_SEC_FETCH_SITE"
] => string(4) "none"[
"HTTP_ACCEPT"
] => string(124) "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"[
"HTTP_SEC_FETCH_DEST"
] => string(8) "document"[
"HTTP_USER_AGENT"
] => string(115) "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.163 Safari/537.36"[
"HTTP_UPGRADE_INSECURE_REQUESTS"
] => string(1) "1"[
"HTTP_DNT"
] => string(1) "1"[
"HTTP_CACHE_CONTROL"
] => string(9) "max-age=0"[
"HTTP_HOST"
] => string(20) "www.xxxxxx.co.uk"[
"MAGE_RUN_TYPE"
] => string(0) ""[
"MAGE_RUN_CODE"
] => string(0) ""[
"REDIRECT_STATUS"
] => string(3) "200"[
"SERVER_NAME"
] => string(15) "www.xxxxxx.com"[
"SERVER_ADDR"
] => string(15) "000.000.000.000"[
"REMOTE_PORT"
] => string(5) "41721"[
"REMOTE_ADDR"
] => string(13) "000.000.000.000"[
"SERVER_SOFTWARE"
] => string(12) "nginx/1.16.1"[
"GATEWAY_INTERFACE"
] => string(7) "CGI/1.1"[
"HTTPS"
] => string(2) "on"[
"SERVER_PROTOCOL"
] => string(8) "HTTP/2.0"[
"DOCUMENT_ROOT"
] => string(24) "/home/xxxxxx/public/pub"[
"DOCUMENT_URI"
] => string(10) "/index.php"[
"REQUEST_URI"
] => string(1) "/"[
"SCRIPT_NAME"
] => string(10) "/index.php"[
"SCRIPT_FILENAME"
] => string(34) "/home/xxxxx/public/pub/index.php"[
"CONTENT_LENGTH"
] => string(0) ""[
"CONTENT_TYPE"
] => string(0) ""[
"REQUEST_METHOD"
] => string(3) "GET"[
"QUERY_STRING"
] => string(0) ""[
"FCGI_ROLE"
] => string(9) "RESPONDER"[
"PHP_SELF"
] => string(10) "/index.php"[
"REQUEST_TIME_FLOAT"
] => float(1586095624.6495)[
"REQUEST_TIME"
] => int(1586095624)
}
How come Domain1 returning domain2 details? including the ownership etc...
domain-maps.conf
## Map php-fpm pass route
map $http_host$request_uri $MAGE_PHP_ROUTE {
default unix:/var/run/php7.2-fpm-domain1.sock; # default php-fpm
}
## Map files to exclude from access log
# map $request $writelog {
# default 1;
# ~*\.woff2 0;
# ~*\.jpg 0;
# ~*\.png 0;
# ~*\.gif 0;
# ~*\.css 0;
# ~*\.webp 0;
# ~*\.js 0;
# }
## map query parameter to magento profiler parameter
map $query_string $MAGE_PROFILER {
~DEVELOPMENT=Q9ARzXbrwI html;
}
## Filter API access
map $request_uri $api_access {
default 0;
~/(.*)/V1/customers(?!/me) 1;
~/(.*)/V1/customers/password 1;
~/(.*)/V1/customers/resetPassword 1;
~/(.*)/V1/customers/isEmailAvailable 1;
~/(.*)/V1/guest-carts/ 1;
~/(.*)/V1/integration/ 1;
~/(.*)/V1/search 1;
}
## CORS headers
map $http_origin $cors_origin {
default "";
~*.example.com$ "$http_origin";
}
## Admin location http auth
geo $authentication {
default "Authentication required";
127.0.0.1 "off";
1.2.3.4 "off";
}
## GEOIP routing
#map $geoip_country_code $geospatial {
# default example.com;
# RU example.com/shipping.html;
# US us.example.com;
# AS as.example.com;
#}
# microcache
map $request_uri $no_cache {
default 1;
~/searchautocomplete/ajax/get/ 0;
~/catalogsearch/ajax/suggest/ 0;
~/search/ajax/suggest/ 0;
}
## Multi shop code configuration
map $http_host $MAGE_RUN_CODE {
hostnames;
.domain1.co.uk base;
.domain2.com base_en;
}
map $http_host $MAGE_RUN_TYPE {
hostnames;
.domain1.co.uk website;
.domain2.com store;
}
## Map HSTS header
map $scheme $hsts_header { https "max-age=31556926; includeSubDomains; preload"; }
## Map bad user agents
map $http_user_agent $bad_client {
default 0;
~*(360Spider) 1;
~*(Aboundex|aiHitBot|AhrefsBot|AspiegelBot) 1;
~*(betaBot|BigBozz|BlackWidow|Bolt|BLEXBot|BUbiNG) 1;
~*(CazoodleBot|cispa|CPython|CCBot|ChinaClaw|Cliqzbot|coccocbot|Curious|CRAZYWEBCRAWLER|Custo) 1;
~*(Daumoa|Default|DeuSu|DIIbot|DISCo|discobot|DoCoMo|DuckDuckGo) 1;
~*(EasouSpider|eCatch|ecxi|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|ExtractorPro|Exabot|Exploratodo|EyeNetIE) 1;
~*(FatBot|FlashGet|Findxbot) 1;
~*(GetRight|GetWeb!|GigablastOpenSource|Gigabot|gimme60bot|Go!Zilla|Go-Ahead-Got-It|Go.*package.*|GrabNet|Grafula|GT::WWW|GuzzleHttp) 1;
~*(heritrix|HaosouSpider|HMView|HTTP::Lite|HTTrack) 1;
~*(ia_archiver|IDBot|id-search|id-search.org|InterGET|InternetSeer.com|IRLbot) 1;
~*(JetCar) 1;
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
~*(Maxthon$|Mail.RU_Bot|meanpathbot|MegaIndex.ru|MFC_Tear_Sample|microsoft.url|Microsoft-IIS|Microsoft.*Office|Mozilla.*Indy|Mozilla.*NEWT|MJ12bot|MSFrontPage) 1;
~*(Navroad|NearSite|NetAnts|NetLyzer.*FastProbe|NetSpider|NetZIP|Nutch) 1;
~*(Octopus) 1;
~*(PageGrabber|panscient.com|pavuk|PECL::HTTP|PeoplePal|pcBrowser|Pi-Monster|PHPCrawl|PleaseCrawl|psbot|prijsbest) 1;
~*(Qwantify) 1;
~*(RealDownload|ReGet|RedesScrapy|Rippers|RocketCrawler) 1;
~*(SBIder|Scrapy|ScreenerBot|SEOprofiler|Screaming.*Spider|SeaMonkey|SeznamBot|SemrushBot|sitecheck.internetseer.com|SiteSnagger) 1;
~*(SmartDownload|Snoopy|SputnikBot|Steeler|SuperBot|SuperHTTP|Surfbot|sqlmap) 1;
~*(tAkeOut|Teleport|Toata|TwengaBot|Typhoeus) 1;
~*(URI::Fetch|User-Agent|UserAgent) 1;
~*(voltron|Vagabondo|VoidEYE|Visbot) 1;
~*(webalta|WebAuto|[Ww]eb[Bb]andit|WebCollage|WebCopier|WebFetch|WebLeacher|WebReaper|WebSauger|WebStripper|WebWhacker|WhatsApp) 1;
~*(WebZIP|Widow|Wotbox|WWW-Mechanize|WWWOFFLE) 1;
~*(XoviBot) 1;
~*(zermelo|Zeus|Zeus.*Webster|zgrab|ZyBorg) 1;
}
domain2-maps.conf
## Map php-fpm pass route
map $http_host$request_uri $MAGE_PHP_ROUTE {
default unix:/var/run/php7.2-fpm-xxxxx.sock; # default php-fpm
}
## Map files to exclude from access log
# map $request $writelog {
# default 1;
# ~*\.woff2 0;
# ~*\.jpg 0;
# ~*\.png 0;
# ~*\.gif 0;
# ~*\.css 0;
# ~*\.webp 0;
# ~*\.js 0;
# }
## map query parameter to magento profiler parameter
map $query_string $MAGE_PROFILER {
~DEVELOPMENT=Q9ARzXbrwI html;
}
## Filter API access
map $request_uri $api_access {
default 0;
~/(.*)/V1/customers(?!/me) 1;
~/(.*)/V1/customers/password 1;
~/(.*)/V1/customers/resetPassword 1;
~/(.*)/V1/customers/isEmailAvailable 1;
~/(.*)/V1/guest-carts/ 1;
~/(.*)/V1/integration/ 1;
~/(.*)/V1/search 1;
}
## CORS headers
map $http_origin $cors_origin {
default "";
~*.example.com$ "$http_origin";
}
## Admin location http auth
geo $authentication {
default "Authentication required";
127.0.0.1 "off";
1.2.3.4 "off";
}
## GEOIP routing
#map $geoip_country_code $geospatial {
# default example.com;
# RU example.com/shipping.html;
# US us.example.com;
# AS as.example.com;
#}
# microcache
map $request_uri $no_cache {
default 1;
~/searchautocomplete/ajax/get/ 0;
~/catalogsearch/ajax/suggest/ 0;
~/search/ajax/suggest/ 0;
}
## Multi shop code configuration
map $http_host $MAGE_RUN_CODE {
hostnames;
.xxxxxx.co.uk base;
.xxxxxxx.com base_en;
}
map $http_host $MAGE_RUN_TYPE {
hostnames;
.xxxxxxx.co.uk website;
.xxxxxxx.com store;
}
## Map HSTS header
map $scheme $hsts_header { https "max-age=31556926; includeSubDomains; preload"; }
## Map bad user agents
map $http_user_agent $bad_client {
default 0;
~*(360Spider) 1;
~*(Aboundex|aiHitBot|AhrefsBot|AspiegelBot) 1;
~*(betaBot|BigBozz|BlackWidow|Bolt|BLEXBot|BUbiNG) 1;
~*(CazoodleBot|cispa|CPython|CCBot|ChinaClaw|Cliqzbot|coccocbot|Curious|CRAZYWEBCRAWLER|Custo) 1;
~*(Daumoa|Default|DeuSu|DIIbot|DISCo|discobot|DoCoMo|DuckDuckGo) 1;
~*(EasouSpider|eCatch|ecxi|EirGrabber|EmailCollector|EmailSiphon|EmailWolf|ExtractorPro|Exabot|Exploratodo|EyeNetIE) 1;
~*(FatBot|FlashGet|Findxbot) 1;
~*(GetRight|GetWeb!|GigablastOpenSource|Gigabot|gimme60bot|Go!Zilla|Go-Ahead-Got-It|Go.*package.*|GrabNet|Grafula|GT::WWW|GuzzleHttp) 1;
~*(heritrix|HaosouSpider|HMView|HTTP::Lite|HTTrack) 1;
~*(ia_archiver|IDBot|id-search|id-search.org|InterGET|InternetSeer.com|IRLbot) 1;
~*(JetCar) 1;
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
~*(Maxthon$|Mail.RU_Bot|meanpathbot|MegaIndex.ru|MFC_Tear_Sample|microsoft.url|Microsoft-IIS|Microsoft.*Office|Mozilla.*Indy|Mozilla.*NEWT|MJ12bot|MSFrontPage) 1;
~*(Navroad|NearSite|NetAnts|NetLyzer.*FastProbe|NetSpider|NetZIP|Nutch) 1;
~*(Octopus) 1;
~*(PageGrabber|panscient.com|pavuk|PECL::HTTP|PeoplePal|pcBrowser|Pi-Monster|PHPCrawl|PleaseCrawl|psbot|prijsbest) 1;
~*(Qwantify) 1;
~*(RealDownload|ReGet|RedesScrapy|Rippers|RocketCrawler) 1;
~*(SBIder|Scrapy|ScreenerBot|SEOprofiler|Screaming.*Spider|SeaMonkey|SeznamBot|SemrushBot|sitecheck.internetseer.com|SiteSnagger) 1;
~*(SmartDownload|Snoopy|SputnikBot|Steeler|SuperBot|SuperHTTP|Surfbot|sqlmap) 1;
~*(tAkeOut|Teleport|Toata|TwengaBot|Typhoeus) 1;
~*(URI::Fetch|User-Agent|UserAgent) 1;
~*(voltron|Vagabondo|VoidEYE|Visbot) 1;
~*(webalta|WebAuto|[Ww]eb[Bb]andit|WebCollage|WebCopier|WebFetch|WebLeacher|WebReaper|WebSauger|WebStripper|WebWhacker|WhatsApp) 1;
~*(WebZIP|Widow|Wotbox|WWW-Mechanize|WWWOFFLE) 1;
~*(XoviBot) 1;
~*(zermelo|Zeus|Zeus.*Webster|zgrab|ZyBorg) 1;
}
Hi,
seems that Magento don't rewrite and resize images both in admin area then frontend. After many searches it can be an nginx issue. Nginx configuration seems to be ok.
I have enabled nginx debug, passed all varnish requests and disabled opcache and i have this result:
`
% curl -Ivl "https://www.mydomain.com/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image"
HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/2
Host: www.mydomain.com
User-Agent: curl/7.64.1
Accept: /
<
In nginx logs I have:
`
2021/04/01 09:39:54 [notice] 1273459#1273459: 7 "^/static/(version\d/)?(.*)$" does not match "/media/catalog/product/0/1/018084910993.jpg", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: *7 "/(admin_6g9joz|PMA_PLACEHOLDER)/" does not match "/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: 7 "^(./)index.php(/?)(.*)" does not match "/media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [notice] 1273459#1273459: *7 "^(brand|cat|color|dir|from|limit|price|type|mode|size|manufacturer|product_list_mode|product_list_order|product_list_dir)=.+" does not match "width=320&height=320&store=it&image-type=small_image", client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
2021/04/01 09:39:54 [warn] 1273459#1273459: *7 using uninitialized "filters" variable, client: 151.77.185.247, server: www.mydomain.com, request: "HEAD /media/catalog/product/0/1/018084910993.jpg?width=320&height=320&store=it&image-type=small_image HTTP/1.1", host: "www.mydomain.com"
`
and all images url generate full image with parameters
The regex for bad user agents includes this line:
~*(larbin|LeechFTP|Lightspeedsystems|litemage_walker|Link|LinksManager.com|Lipperhey|LinkpadBot|linkwalker|lwp-trivial|ltx71) 1;
However, this also matches the user agent sent by requests from within the iOS LinkedIn app. For example:
Mozilla/5.0 (iPad; CPU OS 12_4_4 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148 [LinkedInApp]
The simple solution is to remove |Link
, though I'm not sure if there's a better solution, as I don't know what agent that was intended to match in the first place.
Hi!
If there are Cyrillic characters in the search request, the server returns response status 410.
When you search for "Кран" - 410 Gone
1**.***.***.**1 - - [13/Jun/2023:13:02:48 +0300] "GET http://domain.com/catalogsearch/result/?q=%D0%BA%D1%80%D0%B0%D0%BD HTTP/1.1" 410 456 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.001 - "6cabd635dbe67c5f2eea81c1116e8828"
127.0.0.1 - - [13/Jun/2023:13:02:48 +0300] "GET http://domain.com/catalogsearch/result/?q=%D0%BA%D1%80%D0%B0%D0%BD HTTP/1.1" 410 279 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.000 - "1a23d4e96f623d71b73b4cfd48efc485"
When you search for "Qtap" - all OK
127.0.0.1 - - [13/Jun/2023:13:01:40 +0300] "GET http://domain.com/catalogsearch/result/?q=qtap HTTP/1.1" 200 404415 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.044 - "efbc798ec36a0274241e34e68aab9ff5"
1**.***.***.**1 - - [13/Jun/2023:13:01:40 +0300] "GET http://domain.com/catalogsearch/result/?q=qtap HTTP/1.1" 200 46590 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0" 0.056 - "1ffa658eb52d2fbf6bda68b54d8f9cf3"
Perhaps the problem is here:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.