Flarum via VestaCP Nginx Configuration

fakruzaruret

demirel hocam Oops! Something went wrong. Please reload the page and try again hatası alıyorum. nginx configurasyonu zor oluyor vestaCP için şu anda sorunsuz kullanabiliyor musunuz?

clarkwinkelmann

fakruzaruret please start your own discussions for your issues.

Also please use English only as per our guidelines

If not using a tag set aside for multilingual use, post in English only. We can't help if we can't read you!

I deleted your other non-english reply in the other discussion, feel free to repost it in English.

Edit PS: if this is the same issue as https://discuss.flarum.org/d/21630-the-requested-resource-was-not-found-and-public-html-nginx-conf-problem we can merge the two discussions

fakruzaruret

I have VestaCp installed Centos7 Nginx VPS and ı want to install flarum. I installed to subfolder and subdomain. Lastly I tried to install it to subdomain for clean installing. I have read installation document on flarum.org but still I get some errors. I cant sign up and use some features. I get error: Oops! Something went wrong. Please reload the page and try again.

Some parts of my error log:

1249#1249: *19 FastCGI sent in stderr: "PHP message: PHP Warning: Use of undefined constant ture - assumed 'ture' (this will throw an Error in a future version of PHP) in /home/user/web/forum.domain.com/public_html/config.php on line 2" while reading response header from upstream, [ I get This error when I change config debug to true from false. ]

[error] 1249#1249: *2172 open() "/home/user/web/forum.domain.com/public_html/favicon.ico" failed (2: No such file or directory),
[error] 1249#1249: *2339 rewrite or internal redirection cycle while internally redirecting to "/api.php"
[error] 1249#1249: *2300 rewrite or internal redirection cycle while internally redirecting to "/admin.php",

my index.php:

<?php

/*
 * This file is part of Flarum.
 *
 * (c) Toby Zerner <toby.zerner@gmail.com>
 *
 * For the full copyright and license information, please view the LICENSE
 * file that was distributed with this source code.
 */

/* /forum/public e göre ayar
require '../vendor/autoload.php';

$server = new Flarum\Http\Server(
    Flarum\Foundation\Site::fromPaths([
        'base' => __DIR__.'/..',
        'public' => __DIR__.'/../public',
        'storage' => __DIR__.'/../storage',
    ])
);

$server->listen();
 */

// /anadizine göre ayar
require 'vendor/autoload.php';

$server = new Flarum\Http\Server(
    Flarum\Foundation\Site::fromPaths([
        'base' => __DIR__,
        'public' => __DIR__,
        'storage' => __DIR__.'/storage',
    ])
);

$server->listen();

My .htaccess file in main folder:

<IfModule mod_rewrite.c>
  RewriteEngine on

  # Ensure the Authorization HTTP header is available to PHP
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

   Uncomment the following lines if you are not using a `public` directory
   to prevent sensitive resources from being exposed.
   #RewriteRule /\.git / [F,L]
   #RewriteRule ^composer\.(lock|json)$ / [F,L]
   #RewriteRule ^config.php$ / [F,L]
   #RewriteRule ^flarum$ / [F,L]
   #RewriteRule ^storage/(.*)?$ / [F,L]
   #RewriteRule ^vendor/(.*)?$ / [F,L]

  # Pass requests that don't refer directly to files in the filesystem to index.php
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^ index.php [QSA,L]
</IfModule>

# Disable directory listings
Options -Indexes

# MultiViews can mess up our rewriting scheme
Options -MultiViews

# The following directives are based on best practices from H5BP Apache Server Configs
# https://github.com/h5bp/server-configs-apache

# Expire rules for static content
<IfModule mod_expires.c>
  ExpiresActive on
  ExpiresDefault                                      "access plus 1 month"
  ExpiresByType text/css                              "access plus 1 year"
  ExpiresByType application/atom+xml                  "access plus 1 hour"
  ExpiresByType application/rdf+xml                   "access plus 1 hour"
  ExpiresByType application/rss+xml                   "access plus 1 hour"
  ExpiresByType application/json                      "access plus 0 seconds"
  ExpiresByType application/ld+json                   "access plus 0 seconds"
  ExpiresByType application/schema+json               "access plus 0 seconds"
  ExpiresByType application/vnd.geo+json              "access plus 0 seconds"
  ExpiresByType application/vnd.api+json              "access plus 0 seconds"
  ExpiresByType application/xml                       "access plus 0 seconds"
  ExpiresByType text/calendar                         "access plus 0 seconds"
  ExpiresByType text/xml                              "access plus 0 seconds"
  ExpiresByType image/vnd.microsoft.icon              "access plus 1 week"
  ExpiresByType image/x-icon                          "access plus 1 week"
  ExpiresByType text/html                             "access plus 0 seconds"
  ExpiresByType application/javascript                "access plus 1 year"
  ExpiresByType application/x-javascript              "access plus 1 year"
  ExpiresByType text/javascript                       "access plus 1 year"
  ExpiresByType application/manifest+json             "access plus 1 week"
  ExpiresByType application/x-web-app-manifest+json   "access plus 0 seconds"
  ExpiresByType text/cache-manifest                   "access plus 0 seconds"
  ExpiresByType text/markdown                         "access plus 0 seconds"
  ExpiresByType audio/ogg                             "access plus 1 month"
  ExpiresByType image/bmp                             "access plus 1 month"
  ExpiresByType image/gif                             "access plus 1 month"
  ExpiresByType image/jpeg                            "access plus 1 month"
  ExpiresByType image/png                             "access plus 1 month"
  ExpiresByType image/svg+xml                         "access plus 1 month"
  ExpiresByType image/webp                            "access plus 1 month"
  ExpiresByType video/mp4                             "access plus 1 month"
  ExpiresByType video/ogg                             "access plus 1 month"
  ExpiresByType video/webm                            "access plus 1 month"
  ExpiresByType application/wasm                      "access plus 1 year"
  ExpiresByType font/collection                       "access plus 1 month"
  ExpiresByType application/vnd.ms-fontobject         "access plus 1 month"
  ExpiresByType font/eot                              "access plus 1 month"
  ExpiresByType font/opentype                         "access plus 1 month"
  ExpiresByType font/otf                              "access plus 1 month"
  ExpiresByType application/x-font-ttf                "access plus 1 month"
  ExpiresByType font/ttf                              "access plus 1 month"
  ExpiresByType application/font-woff                 "access plus 1 month"
  ExpiresByType application/x-font-woff               "access plus 1 month"
  ExpiresByType font/woff                             "access plus 1 month"
  ExpiresByType application/font-woff2                "access plus 1 month"
  ExpiresByType font/woff2                            "access plus 1 month"
  ExpiresByType text/x-cross-domain-policy            "access plus 1 week"
</IfModule>

# Gzip compression
<IfModule mod_deflate.c>
  <IfModule mod_filter.c>
    AddOutputFilterByType DEFLATE "application/atom+xml" \
                                  "application/javascript" \
                                  "application/json" \
                                  "application/ld+json" \
                                  "application/manifest+json" \
                                  "application/rdf+xml" \
                                  "application/rss+xml" \
                                  "application/schema+json" \
                                  "application/vnd.geo+json" \
                                  "application/vnd.ms-fontobject" \
                                  "application/wasm" \
                                  "application/x-font-ttf" \
                                  "application/x-javascript" \
                                  "application/x-web-app-manifest+json" \
                                  "application/xhtml+xml" \
                                  "application/xml" \
                                  "font/collection" \
                                  "font/eot" \
                                  "font/opentype" \
                                  "font/otf" \
                                  "font/ttf" \
                                  "image/bmp" \
                                  "image/svg+xml" \
                                  "image/vnd.microsoft.icon" \
                                  "image/x-icon" \
                                  "text/cache-manifest" \
                                  "text/calendar" \
                                  "text/css" \
                                  "text/html" \
                                  "text/javascript" \
                                  "text/plain" \
                                  "text/markdown" \
                                  "text/vcard" \
                                  "text/vnd.rim.location.xloc" \
                                  "text/vtt" \
                                  "text/x-component" \
                                  "text/x-cross-domain-policy" \
                                  "text/xml"
    </IfModule>
</IfModule>

# Fix for https://httpoxy.org vulnerability
<IfModule mod_headers.c>
  RequestHeader unset Proxy
</IfModule>

domain.nginx.ssl.conf.* file ( /home/user/conf/web/ ) (domain.nginx.conf is same):

server {
    listen      x.x.x.x:443 ssl;
    server_name forum.domain.com ;
    root        /home/user/web/forum.domain.com/public_html;
    index       index.php index.html index.htm;
    access_log  /var/log/nginx/domains/forum.domain.com.log combined;
    access_log  /var/log/nginx/domains/forum.domain.com.bytes bytes;
    error_log   /var/log/nginx/domains/forum.domain.com.error.log error;

    #ssl         on;
    ssl_certificate      /home/user/conf/web/ssl.forum.domain.com.pem;
    ssl_certificate_key  /home/user/conf/web/ssl.forum.domain.com.key;

    location / {

try_files $uri $uri/ /index.php?$query_string;

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
            expires     max;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    127.0.0.1:9008;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
        }
    }

location /api {
  try_files $uri $uri/ /api.php?$query_string;
}

location /admin {
  try_files $uri $uri/ /admin.php?$query_string;
}

    error_page  403 /error/404.html;
    error_page  404 /error/404.html;
    error_page  500 502 503 504 /error/50x.html;

    location /error/ {
        alias   /home/user/web/forum.domain.com/document_errors/;
    }

    location ~* "/\.(htaccess|htpasswd)$" {
        deny    all;
        return  404;
    }

    location /vstats/ {
        alias   /home/user/web/forum.domain.com/stats/;
        include /home/user/conf/web/forum.domain.com.auth*;
    }

    include     /home/user/conf/web/forum.domain.com/public_html/.nginx.conf*;
    include     /etc/nginx/conf.d/phpmyadmin.inc*;
    include     /etc/nginx/conf.d/phppgadmin.inc*;
    include     /etc/nginx/conf.d/webmail.inc*;

    include     /home/user/conf/web/snginx.forum.domain.com.conf*;
}

.nginx.conf in flarum main folder:


# Pass requests that don't refer directly to files in the filesystem to index.php
#location / {
#  try_files $uri $uri/ /index.php?$query_string;
#}

#location /api {
#  try_files $uri $uri/ /api.php?$query_string;
#}

#location /admin {
#  try_files $uri $uri/ /admin.php?$query_string;
#}



# The following directives are based on best practices from H5BP Nginx Server Configs
# https://github.com/h5bp/server-configs-nginx

# Expire rules for static content
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
  add_header Cache-Control "max-age=0";
}

location ~* \.(?:rss|atom)$ {
  add_header Cache-Control "max-age=3600";
}

location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ {
  add_header Cache-Control "max-age=2592000";
  access_log off;
}

location ~* \.(?:css|js)$ {
  add_header Cache-Control "max-age=31536000";
  access_log off;
}

location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ {
  add_header Cache-Control "max-age=2592000";
  access_log off;
}

# Gzip compression
gzip on;
gzip_comp_level 5;
gzip_min_length 256;
gzip_proxied any;
gzip_vary on;
gzip_types
    application/atom+xml
    application/javascript
    application/json
    application/ld+json
    application/manifest+json
    application/rss+xml
    application/vnd.geo+json
    application/vnd.ms-fontobject
    application/x-font-ttf
    application/x-web-app-manifest+json
    application/xhtml+xml
    application/xml
    font/opentype
    image/bmp
    image/svg+xml
    image/x-icon
    text/cache-manifest
    text/css
    text/plain
    text/vcard
    text/vnd.rim.location.xloc
    text/vtt
    text/x-component
    text/x-cross-domain-policy;

Domain's nginx files directory:

Flarum main folder:

domain.com/admin:

Oops! Something went wrong. Please reload the page and try again.

jordanjay29

fakruzaruret clarkwinkelmann already replied to you here, please read and respond in this discussion. Do not start any others on this same subject, follow our Community Guidelines about not posting in multiple places.

fakruzaruret

jordanjay29 @clarkwinkelmann said me reopen your discussion. VestaCp 500 title is opened before. So I have opened new discussion with new title.

meetdilip

I heard VestaCP is not safe. Some serious security issue was found. That was at least 6 months back. I hope they are past that now.

jordanjay29

fakruzaruret I see the confusion now, @clarkwinkelmann split the offending post out into its own discussion for you. Just use this discussion now, please.

fakruzaruret

I have solved some problems with removing these lines from nginx conf.

location /api {
  try_files $uri $uri/ /api.php?$query_string;
}

location /admin {
  try_files $uri $uri/ /admin.php?$query_string;
}

clarkwinkelmann

fakruzaruret if the oops error comes from Flarum, the full error message will be found in <flarum>/storage/logs. If it comes from the webserver, check the server logs usually in /var/log/ or your management console.

fakruzaruret

clarkwinkelmann I have solved this problem by this way. You can lock if you want.

luceos

For future reference, there was a typo in the config.php; not ture but true was required.