【Question title】: How to configure server on nginx, php-fpm to set file permissions correctly
【Posted】: 2014-01-25 11:41:42
【Question】:

I think I have a small bug/mistake in my configuration. I use the server for a Magento store.

My server settings for Nginx are:

user  nobody;
worker_processes  2; ## = CPU qty

error_log   /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
    use epoll;
       }

http   {
    index index.html index.php; ## Allow a static html file to be shown first
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    #log_format error403  '$remote_addr - $remote_user [$time_local] '
    #                 '$status "$request"  "$http_x_forwarded_for"';                      

    server_tokens       off;
    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;


    ## Gzipping is an easy way to reduce page weight
    gzip                on;
    gzip_vary           on;
    gzip_proxied        any;
    gzip_types          text/css application/x-javascript;
    gzip_buffers        16 8k;
    gzip_comp_level     8;
    gzip_min_length     1024;

    #ssl_session_cache shared:SSL:15m;
    #ssl_session_timeout 15m;

    keepalive_timeout   10;

    ## Use when Varnish in front
    #set_real_ip_from 127.0.0.1;
    #real_ip_header X-Forwarded-For;

    ## Multi domain configuration
    #map $http_host $storecode { 
       #www.domain1.com 1store_code; ## US main
       #www.domain2.net 2store_code; ## EU store
       #www.domain3.de 3store_code; ## German store
       #www.domain4.com 4store_code; ## different products
       #}

server {   
    listen 80; ## change to 8080 with Varnish
    #listen 443 ssl;
    server_name _; ## Domain is here
    root /var/www/html;

    access_log  /var/log/nginx/access_mydomain.log  main;

    ## Nginx will not add the port in the url when the request is redirected.
    #port_in_redirect off; 

    ####################################################################################
    ## SSL CONFIGURATION

       #ssl_certificate     /etc/ssl/certs/www_server_com.chained.crt; 
       #ssl_certificate_key /etc/ssl/certs/server.key;

       #ssl_protocols             SSLv3 TLSv1 TLSv1.1 TLSv1.2;
       #http://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
       #http://serverfault.com/questions/417512/disable-deflate-compression-in-nginx-ssl
       #ssl_ciphers               AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;
       #ssl_ciphers               RC4:HIGH:!aNULL:!MD5:!kEDH;
       #ssl_prefer_server_ciphers on;

    ####################################################################################

    ## Server maintenance block. insert dev ip 1.2.3.4 static address www.whatismyip.com
    #if ($remote_addr !~ "^(1.2.3.4|1.2.3.4)$") {
        #return 503;
        #}

    #error_page 503 @maintenance;   
    #location @maintenance {
        #rewrite ^(.*)$ /error_page/503.html break;
        #internal;
        #access_log off;
        #log_not_found off;
        #}

    ####################################################################################

    ## 403 error log/page
    #error_page 403 /403.html;
    #location = /403.html {
        #root /var/www/html/error_page;
        #internal;
        #access_log   /var/log/nginx/403.log  error403;
        #}

    ####################################################################################

    ## Main Magento location
    location / {
        try_files $uri $uri/ @handler;
        }

    ####################################################################################

    ## These locations would be hidden by .htaccess normally, protected
    location ~ (/(app/|includes/|/pkginfo/|var/|errors/local.xml)|/\.svn/|/.hta.+) {
        deny all;
        #internal;
        }

    ####################################################################################

    ## Protecting /admin/ and /downloader/  1.2.3.4 = static ip (www.whatismyip.com)
    #location /downloader/  {
        #allow 1.2.3.4;
        #allow 1.2.3.4;
        #deny all;
        #rewrite ^/downloader/(.*)$ /downloader/index.php$1;
        #}
    #location /admin  {
        #allow 1.2.3.4;
        #allow 1.2.3.4;
        #deny all;
        #rewrite / /@handler;
        #}   

    ####################################################################################

    ## Images, scripts and styles set far future Expires header
    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
        access_log off;
        }

    ####################################################################################

    ## Main Magento location
    location @handler {
        rewrite / /index.php;
        }

    location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
        rewrite ^(.*.php)/ $1 last;
        }

    ####################################################################################

    ## Execute PHP scripts
    location ~ .php$ {
        try_files $uri $uri/ =404;
        #try_files $uri $uri/ @handler;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        ## Store code with multi domain
        #fastcgi_param  MAGE_RUN_CODE $storecode;
        ## Default Store code
        fastcgi_param  MAGE_RUN_CODE default; 
        fastcgi_param  MAGE_RUN_TYPE store; ## or website;
        include        fastcgi_params; ## See /etc/nginx/fastcgi_params
        }
    }
}

For php-fpm it is (it's not the whole code, just what I changed):

;listen = 127.0.0.1:9000
listen = /var/run/php-fpm/php-fpm.sock
;listen.owner = nobody
listen.owner = nginx
;listen.group = nobody
listen.group = nginx
;listen.mode = 0666
listen.mode = 0664

user = nginx
group = nginx
[...]

Then I added myself as a user with:

useradd byname -d /var/www/html -m

I gave myself a password (I use VSFTPD), added a group wwwftp, and added myself to the group:

usermod -g wwwftp myname

Made /var/www/html owned by me:

chown byname /var/www/html

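And changed the group (chgrp wwwftp /var/www/html).

Sometimes I get file permission problems. If Magento adds files, the file permissions are user 99 and group 99. Images cannot be displayed. Files cannot be opened unless I set them to 777.

Maybe there is something wrong with my configuration?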


Tags: nginx file-permissions php


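【Answer 1】:

You have set php-fpm to run as user nginx and group nginx, so any files created by Magento will have that user and group (are those the 99?).

But nginx itself runs as user 'nobody' (first line). So it cannot access images owned by user/group 'nginx' (created by php-fpm). Setting the permissions to 777 allows user 'nobody' to access files owned by 'nginx'.

But any PHP files written by Magento are fine, because they are created and read as user 'nginx' in php-fpm.

Why have you set /var/www/html to byname? What are you trying to achieve? Are you trying to read/write these files over all FTP connections? If so, you'd be better off adding your user to group 'nobody' and group 'nginx' so that you can read/write both kinds of files.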
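The mismatch this answer describes can be checked mechanically. The sketch below is an added example, not code from the question or the answer: it reads the nginx `user` directive and the php-fpm pool `user`/`group`, then applies the Unix owner/group/other rule to decide whether the nginx worker can read a file php-fpm created. The config excerpts and file modes are constructed, and `audit` and its helpers are hypothetical names.

```python
import re

# Constructed excerpts of the two configs shown in the question.
NGINX_CONF = "user  nobody;\nworker_processes  2;\n"
FPM_POOL = """;listen.owner = nobody
listen.owner = nginx
listen.group = nginx
user = nginx
group = nginx
"""

def nginx_worker_identity(conf):
    """(user, group) from nginx's `user` directive; group defaults to the user's name."""
    m = re.search(r"^\s*user\s+([^\s;]+)(?:\s+([^\s;]+))?\s*;", conf, re.M)
    if not m:
        return ("nobody", "nobody")  # nginx's documented default
    return (m.group(1), m.group(2) or m.group(1))

def fpm_pool_identity(pool):
    """(user, group) from uncommented pool lines; listen.* and ';' lines are skipped."""
    vals = dict(re.findall(r"^\s*(user|group)\s*=\s*(\S+)", pool, re.M))
    # Simplification: if `group` is unset, assume a group named like the user.
    return (vals.get("user"), vals.get("group", vals.get("user")))

def worker_can_read(mode, owner, group, worker, worker_groups):
    """Unix picks exactly one permission class: owner, else group, else other."""
    if worker == owner:
        return bool(mode & 0o400)
    if group in worker_groups:
        return bool(mode & 0o040)
    return bool(mode & 0o004)

def audit(nginx_conf, fpm_pool, created_mode, extra_groups=()):
    """Can the nginx worker read a file php-fpm created with `created_mode`?"""
    w_user, w_group = nginx_worker_identity(nginx_conf)
    f_user, f_group = fpm_pool_identity(fpm_pool)
    return {
        "nginx_worker": (w_user, w_group),
        "fpm_pool": (f_user, f_group),
        "identity_match": (w_user, w_group) == (f_user, f_group),
        "worker_can_read": worker_can_read(
            created_mode, f_user, f_group, w_user, {w_group, *extra_groups}),
    }

if __name__ == "__main__":
    for mode in (0o640, 0o777):  # constructed modes, not taken from the page
        print(oct(mode), audit(NGINX_CONF, FPM_POOL, mode))
```

Passing `extra_groups=("nginx",)` models giving the worker supplementary membership in the pool's group, and swapping in a conf with `user nginx;` models aligning the two identities; either makes a group- or owner-readable file servable without resorting to 777.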
