开发者

NginX Friendly PHP Framework

I am l开发者_开发技巧ooking for a PHP framework that, if I'm lucky, just works in nginx under FastCGI, otherwise, one that doesn't take too much tweaking.


Symfony 1.4 with nginx is fantastic. I have already done the tweaking, here is a generalization of my production config that I can vouch is fit for production use.

server {
  listen 80;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;

  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

server {
  listen 443;

  ssl on;
  ssl_certificate      /etc/ssl/certs/mysite.com.crt;
  ssl_certificate_key  /etc/ssl/private/mysite.com.key;

  server_name mysite.com;

  root /var/www/mysite.com/web;
  access_log /var/log/nginx/mysite.com.access.log;
  error_log /var/log/nginx/mysite.com.error.log;
  location ~ ^/(index|frontend|frontend_dev|backend|backend_dev)\.php$ {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_pass   127.0.0.1:9000;
  }

  location / {
    index index.php;
    try_files $uri /index.php?$args;
  }
}

PHP 5.4 Note

php5-fpm 5.4 that comes with dotdeb now uses sockets instead of the loopback by default. If you are using PHP 5.4 and you are getting a bad gateway error with the above config, try replacing all instances of 127.0.0.1:9000 with unix:/var/run/php5-fpm.sock.

php-fpm 5.4 also newly limits the file extensions that can be parsed as PHP to those specified in security.limit_extensions. This might be of interested if you have modified the location regex to include other file extensions than .php. The security note below still applies.

Security Note

This config only parses the files index.php, frontend.php, frontend_dev.php, backend.php and backend_dev.php with PHP.

With php and nginx in general, not just with symfony, using

location \.php$ {
  ...
}

causes a security vulnerability related to URLs that use pathinfo, like these: /index.php/foo/bar.

The common workaround is to set fix_pathinfo=0 in php.ini. This breaks pathinfo URLs, and symfony relies on them. The solution used here is to explicitly specify the files that get parsed as php.

For more information, see the nginx+php-cgi security alert

Platforms

This works and is secure on Debian Squeeze systems that use dotdeb for nginx and php-fpm packages, as well as Ubuntu 10.04 Lucid Lynx systems that use ppa/brianmercer for php-fpm. It might or might not work and be secure on other systems.

Usage note

To add another PHP file additionalfile.php to get parsed, use this syntax in both location blocks:

location ~ ^(index|frontend|frontend_dev|backend|backend_dev|additionalfile).php$ { ... }

Edit: Symfony 2.0 is out! Here is the config, adapted from the 1.4 config above:

server {
  listen 80;

  server_name symfony2;
  root /var/www/symfony2/web;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}

server {
  listen 443;

  server_name symfony2;
  root /var/www/symfony2/web;

  ssl on;
  ssl_certificate      /etc/ssl/certs/symfony2.crt;
  ssl_certificate_key  /etc/ssl/private/symfony2.key;

  error_log /var/log/nginx/symfony2.error.log;
  access_log /var/log/nginx/symfony2.access.log;

  location / {
    index app.php;
    if (-f $request_filename) {
      break;
    }
    rewrite ^(.*)$ /app.php last;
  }

  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  location ~ (app|app_dev).php {
    include fastcgi_params;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
    fastcgi_param HTTPS off;
    fastcgi_pass   127.0.0.1:9000;
  }
}


As some commenters have noted you just need to set up nginx correctly. Here's a post that sets up nginx for codeigniter.


This repo helped me with symfony 1.4 on nginx+php-fpm [https://raw.githubusercontent.com/korjavin/docker-nginx-symfony/my/default][1]

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜